1.   In order to carry out its duties under this Regulation, the Lead Overseer, assisted by the joint examination team referred to in Article 40(1), may, where necessary, conduct investigations of critical ICT third-party service providers. 2.   The Lead Overseer shall have the power to: (a) examine records, data, procedures and any other material relevant to the execution of its tasks, irrespective of the medium on which they are stored; (b) take or obtain certified copies of, or extracts from, such records, data, documented procedures and any other material; (c) summon representatives of the critical ICT third-party service provider for oral or written explanations on facts or documents … Continue reading Article 38 DORA – General investigationsRead More →