EU | In Force | Final

ICT Risk Management – RTS (EU) 2024/1774

Commission Delegated Regulation (EU) 2024/1774 supplementing Regulation (EU) 2022/2554 with regard to regulatory technical standards specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework

European Commission
Updated Jun 25, 2024
vFinal

Abstract

Regulatory Technical Standards under DORA specifying detailed ICT risk management tools, methods, processes and policies, including ICT security governance, asset management, encryption, operations security, vulnerability and patch management, network security, project and change management, access control, and a simplified ICT risk management framework for smaller entities.

Key Takeaways

  • Defines mandatory ICT security policies, procedures, protocols and tools under DORA Article 15.
  • Introduces prescriptive controls for asset management, encryption, logging, vulnerability and patch management, and network security.
  • Sets detailed requirements for ICT project management, system development lifecycle, and change management.
  • Establishes structured incident detection, logging, and response mechanisms.
  • Provides a simplified ICT risk management framework for smaller or less complex financial entities.

Keywords

EU 2024/1774, DORA RTS, Article 15, ICT security controls, simplified framework, financial entities
