Article 33: Tasks of the Lead Overseer
Last updated: 1 authoritative sourceDORA Auditor Editorial Team
Article 33 sets out the tasks of the Lead Overseer, including assessing whether each critical provider has comprehensive, sound, and effective rules and controls to manage the ICT risk it may pose to financial entities.
Chapter V, Managing of ICT third-party risk · Pillar: ICT Third-Party Risk
Key points
- Defines the Lead Overseer's assessment tasks
- Evaluates critical providers' risk controls
- Underpins recommendations to providers
How this fits DORA
Article 33 sits within the ICT Third-Party Risk pillar. For the full set of obligations and how they interlock, see the DORA requirements overview.
Read the official text
This is an editorial summary. Read the binding text of Article 33 in the consolidated regulation on EUR-Lex.