Data IntelligenceAI ControlRAG SystemsVoice AIDORA LibraryBlogAboutPricingSchedule Review
← Back to DORA Library
EUIn ForceFinal

ITS on Incident Reporting Templates

Commission Implementing Regulation (EU) 2025/302 laying down implementing technical standards with regard to the standard forms, templates, and procedures for financial entities to report a major ICT-related incident and to notify a significant cyber threat

European Commission
Updated Feb 20, 2025
vFinal

Abstract

Implementing Technical Standards under Regulation (EU) 2022/2554 (DORA) specifying harmonised templates, data fields, procedures, and secure channels for financial entities to submit initial notifications, intermediate reports, and final reports for major ICT-related incidents, and to notify significant cyber threats, ensuring consistent, high-quality supervisory reporting across the EU.

Key Takeaways

  • Introduces mandatory standard templates for initial, intermediate, and final incident reports.
  • Defines detailed data glossary and structured fields covering impact, downtime, clients, transactions, and root causes.
  • Supports aggregated reporting where incidents affect multiple entities via third-party providers.
  • Requires use of secure electronic channels for submission to competent authorities.
  • Also establishes templates and procedures for voluntary notification of significant cyber threats.

Keywords

EU 2025/302Implementing RegulationITSincident reportingmajor ICT incidenttemplatesArticle 19Article 20DORA reporting

Need DORA-Aligned AI Architecture?

We build AI systems that satisfy DORA requirements from day one. Audit trails, governance, exit readiness - built in, not bolted on.

Schedule Architecture Reviewviktor@intellectumlab.com | Response within 24 hours