1.   Financial entities shall define, establish and implement an ICT-related incident management process to detect, manage and notify ICT-related incidents. 2.   Financial entities shall record all ICT-related incidents and significant cyber threats. Financial entities shall establish appropriate procedures and processes to ensure a consistent and integrated monitoring, handling and follow-up of ICT-related incidents, to ensure that root causes are identified, documented and addressed in order to prevent the occurrence of such incidents. 3.   The ICT-related incident management process referred to in paragraph 1 shall: (a) put in place early warning indicators; (b) establish procedures to identify, track, log, categorise and classify ICT-related incidents according to their priority and … Continue reading Article 17 DORA – ICT-related incident management processRead More →