Updated 01/07/2025
In force

Version from: 25/06/2024
Amendments
Search within this legal act

Article 5 - Delegated Regulation 2024/1774

Article 5

ICT asset management procedure

1.  
Financial entities shall develop, document, and implement a procedure for the management of ICT assets.
2.  

The procedure for management of ICT assets referred to in paragraph 1 shall specify the criteria to perform the criticality assessment of information assets and ICT assets supporting business functions. That assessment shall take into account:

(a) 

the ICT risk related to those business functions and their dependencies on the information assets or ICT assets;

(b) 

how the loss of confidentiality, integrity, and availability of such information assets and ICT assets would impact the business processes and activities of the financial entities.