EU-DORA-19-05
Transparency
19 — Reporting of major ICT-related incidents and voluntary notification of significant cyber threats
Include significance and cross-border impact information in reports
Description
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
EU-DORA-19-01
Reporting
Report major ICT-related incidents to competent authority
EU-DORA-19-02
Reporting
Report major ICT incidents to ECB (significant credit institutions)
EU-DORA-19-03
Documentation
Produce initial notification and reports using templates
EU-DORA-19-04
Requirement
Use alternative notification means when template submission impossible
EU-DORA-19-06
Transparency
Inform clients about major ICT incidents without undue delay
EU-DORA-19-07
Transparency
Inform clients about protection measures for cyber threats
EU-DORA-19-08
Reporting
Submit initial notification within prescribed time limits
EU-DORA-19-09
Reporting
Submit intermediate reports upon status changes
EU-DORA-19-10
Reporting
Submit final report after root cause analysis completion
EU-DORA-19-11
Requirement
Remain responsible for reporting when outsourcing to third party
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started