EU-DORA-8-06
Documentation
8 — Identification
Identify and map all information and ICT assets
Description
Financial entities must identify all information assets and ICT assets, including those on remote sites, network resources and hardware equipment, and map those considered critical.
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
EU-DORA-8-01
Documentation
Identify and classify ICT supported business functions, roles and responsibilities
EU-DORA-8-02
Monitoring
Review adequacy of classification and documentation yearly
EU-DORA-8-03
Risk Management
Continuously identify all sources of ICT risk
EU-DORA-8-04
Risk Management
Review risk scenarios annually
EU-DORA-8-05
Risk Management
Perform risk assessment upon major changes (non-microenterprises)
EU-DORA-8-07
Documentation
Map asset configuration and interdependencies
EU-DORA-8-08
Documentation
Identify ICT third-party dependent processes
EU-DORA-8-09
Documentation
Maintain and update asset inventories
EU-DORA-8-10
Risk Management
Conduct annual ICT risk assessment on legacy systems (non-microenterprises)
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started