DORA entered into force on 16 January 2023 and will apply from 17 January 2025. It aims to establish a comprehensive framework for digital operational resilience in the financial services sector.
We welcome the EU’s commitment to establishing a digital operational resilience framework for the financial sector.
However, the specificities, of IORPs and their service providers have not been properly considered in the ESAs preliminary approach. The principle of proportionality should be also better reflected in level 2 measures, to ensure a risk and principle based approach.
PensionsEurope answered to the following consultations:
Consultation paper on draft RTS on the classification of ICT incidents
Consultation paper on draft RTSs ICT risk management tools methods processes and policies
Consultation paper on draft RTS on policy on the use of ICT services regarding CI functions
Consultation paper on draft ITS on register of information