Compliance Library Blog Product Sign In
EU-DORA-5-24 Requirement 5 — Governance and organisation

Periodically review ICT internal audit plans

Description

The management body must periodically review the financial entity's ICT internal audit plans.

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

EU-DORA-5-01 Requirement

Establish internal governance and control framework for ICT risk management
EU-DORA-5-02 Requirement

Management body must define ICT risk management framework
EU-DORA-5-03 Requirement

Management body must approve ICT risk management framework
EU-DORA-5-04 Human Oversight

Management body must oversee ICT risk management framework
EU-DORA-5-05 Requirement

Management body responsibility for ICT risk management implementation
EU-DORA-5-06 Requirement

Management body bears ultimate responsibility for managing ICT risk
EU-DORA-5-07 Data Governance

Establish data availability policies
EU-DORA-5-08 Data Governance

Establish data authenticity policies
EU-DORA-5-09 Data Governance

Establish data integrity policies
EU-DORA-5-10 Data Governance

Establish data confidentiality policies

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started