Compliance Library Blog Product Sign In
EU-DORA-16-05 Risk Management 16 — Simplified ICT risk management framework

Identify key ICT third-party service provider dependencies

Description

Identify key dependencies on ICT third-party service providers to understand and manage external risks.

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

EU-DORA-16-01 Risk Management

Implement documented ICT risk management framework
EU-DORA-16-02 Monitoring

Continuously monitor ICT systems security and functioning
EU-DORA-16-03 Risk Management

Minimize ICT risk through sound, resilient systems
EU-DORA-16-04 Risk Management

Enable prompt identification and handling of ICT risks and incidents
EU-DORA-16-06 Risk Management

Ensure business continuity for critical or important functions
EU-DORA-16-07 Requirement

Regularly test business continuity plans and control effectiveness
EU-DORA-16-08 Requirement

Implement operational conclusions from testing and incidents
EU-DORA-16-09 Documentation

Document and periodically review ICT risk management framework
EU-DORA-16-10 Requirement

Continuously improve ICT risk management framework
EU-DORA-16-11 Reporting

Submit framework review report to competent authority upon request

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started