Skip to main content
DORA Auditor

Article 17: ICT-related incident management process

Last updated: 1 authoritative sourceDORA Auditor Editorial Team

Article 17 requires financial entities to define, establish, and implement an ICT-related incident management process to detect, manage, and notify ICT-related incidents, and to record all incidents and significant cyber threats.

Chapter III, ICT-related incident management · Pillar: ICT Incident Reporting

Key points

  • Requires a defined incident management process
  • Covers detection, handling, and notification
  • Mandates logging of incidents and significant cyber threats

How this fits DORA

Article 17 sits within the ICT Incident Reporting pillar. For the full set of obligations and how they interlock, see the DORA requirements overview.

Read the official text

This is an editorial summary. Read the binding text of Article 17 in the consolidated regulation on EUR-Lex.

Sources

  1. Regulation (EU) 2022/2554 (DORA), EUR-Lex