EU-DORA-5-35 Requirement 5 — Governance and organisation

Designate senior management for ICT third-party risk oversight (non-microenterprises)

Description

Financial entities, other than microenterprises, may designate a member of senior management as responsible for overseeing the related risk exposure and relevant documentation regarding ICT...

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Related Obligations

EU-DORA-5-01 Requirement

Establish internal governance and control framework for ICT risk management

EU-DORA-5-02 Requirement

Management body must define ICT risk management framework

EU-DORA-5-03 Requirement

Management body must approve ICT risk management framework

EU-DORA-5-04 Human Oversight

Management body must oversee ICT risk management framework

EU-DORA-5-05 Requirement

Management body responsibility for ICT risk management implementation

EU-DORA-5-06 Requirement

Management body bears ultimate responsibility for managing ICT risk

EU-DORA-5-07 Data Governance

Establish data availability policies

EU-DORA-5-08 Data Governance

Establish data authenticity policies

EU-DORA-5-09 Data Governance

Establish data integrity policies

EU-DORA-5-10 Data Governance

Establish data confidentiality policies

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Designate senior management for ICT third-party risk oversight (non-microenterprises)

Description

Full Analysis & Evidence Requirements

Related Obligations

Map this obligation to your AI systems

Start your compliance assessment