Skip to main content
DORA Auditor

Article 32: Structure of the Oversight Framework

Last updated: 1 authoritative sourceDORA Auditor Editorial Team

Article 32 establishes the structure of the oversight framework for critical ICT third-party providers, including the Lead Overseer role and the joint oversight arrangements among the European Supervisory Authorities.

Chapter V, Managing of ICT third-party risk · Pillar: ICT Third-Party Risk

Key points

  • Establishes the oversight framework structure
  • Introduces the Lead Overseer role
  • Coordinates the ESAs' joint oversight

How this fits DORA

Article 32 sits within the ICT Third-Party Risk pillar. For the full set of obligations and how they interlock, see the DORA requirements overview.

Read the official text

This is an editorial summary. Read the binding text of Article 32 in the consolidated regulation on EUR-Lex.

Sources

  1. Regulation (EU) 2022/2554 (DORA), EUR-Lex