RTS published and sent to EU Commission:
- JC 2023 83 – RTS on criteria for the classification of ICT-related incidents
- JC 2023 84 – RTS on the policy on ICT services supporting critical or important functions provided by ICT third-party service providers
- JC 2023 85 – Implementing Technical Standards (ITS) to establish the templates for the register of information
- JC 2023 86 – RTS on ICT risk management framework and on simplified ICT risk management framework
JC_2023_83_-_Final_Report_on_draft_RTS_on_classification_of_major_incidents_and_significant_cyber_threats
JC_2023_84_-_Final_report_on_draft_RTS_to_specify_the_policy_on_ICT_services_supporting_critical_or_important_functions
JC_2023_85_-_Final_report_on_draft_ITS_on_Register_of_Information
JC_2023_86_-_Final_report_on_draft_RTS_on_ICT_Risk_Management_Framework_and_on_simplified_ICT_Risk_Management_Framework
Deadline for Final Report and the submission of the other draft RTS to the European Commission is 17th July 2024. RTS listed further are under construction:
- Joint draft RTS specifying elements related to threat led penetration tests – EBA link
- Joint Technical Standards on major incident reporting – EBA link
- Joint Regulatory Technical Standards on subcontracting ICT services supporting critical or important functions – EBA link
- Joint Regulatory Technical Standards on the harmonisation of conditions enabling the conduct of the oversight activities – EBA link
Final deadline for compliance:
Jan 17 2025