Article 17: ICT-related incident management process
Last updated: 1 authoritative sourceDORA Auditor Editorial Team
Article 17 requires financial entities to define, establish, and implement an ICT-related incident management process to detect, manage, and notify ICT-related incidents, and to record all incidents and significant cyber threats.
Chapter III, ICT-related incident management · Pillar: ICT Incident Reporting
Key points
- Requires a defined incident management process
- Covers detection, handling, and notification
- Mandates logging of incidents and significant cyber threats
How this fits DORA
Article 17 sits within the ICT Incident Reporting pillar. For the full set of obligations and how they interlock, see the DORA requirements overview.
Read the official text
This is an editorial summary. Read the binding text of Article 17 in the consolidated regulation on EUR-Lex.