Compliance Library Blog Product Sign In
EU-DORA-9-17 Documentation 9 — Protection and prevention

Have appropriate and comprehensive documented policies for patches and updates

Description

Financial entities must have appropriate and comprehensive documented policies for patches and updates.

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

EU-DORA-9-01 Monitoring

Continuous monitoring and control of ICT systems security and functioning
EU-DORA-9-02 Risk Management

Minimize ICT risk impact through deployment of security measures
EU-DORA-9-03 Requirement

Design, procure and implement ICT security policies for resilience
EU-DORA-9-04 Data Governance

Maintain high standards of data availability, authenticity, integrity and confidentiality
EU-DORA-9-05 Requirement

Use appropriate ICT solutions and processes per Article 4
EU-DORA-9-06 Requirement

Ensure security of data transfer means
EU-DORA-9-07 Risk Management

Minimize risk of data corruption, loss, unauthorized access and technical flaws
EU-DORA-9-08 Requirement

Prevent availability loss, authenticity/integrity impairment and confidentiality breaches
EU-DORA-9-09 Data Governance

Protect data from data management risks
EU-DORA-9-10 Documentation

Develop and document information security policy

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started