Skip to main content
DORA Auditor

Major ICT-Related Incident

Last updated: 1 authoritative sourceDORA Auditor Editorial Team

A major ICT-related incident is an ICT incident that meets DORA's classification thresholds and must therefore be reported to the competent authority. Classification (Article 18) considers factors such as clients affected, duration, geographic spread, data losses, and economic impact.

Detailed explanation

DORA harmonises how financial entities decide which incidents are serious enough to report. An incident is assessed against materiality criteria set out in the regulation and its technical standards; if the relevant thresholds are crossed, it is 'major' and triggers mandatory reporting on a defined timeline, an initial notification, an intermediate report as understanding develops, and a final report with root-cause analysis. Entities must also notify affected clients where appropriate. Getting classification right matters: over-reporting wastes resources, while under-reporting risks supervisory penalties.

In context

This term relates to the ICT Incident Reporting pillar and is grounded in DORA Article 18.

Related terms

Sources

  1. DORA Articles 17–19, EUR-Lex