Question ID: 3457 - DORA274
Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)
Topic: ICT third-party risk management (DORA)
Status: Rejected
Date of submission: 07 Nov 2025
Question
Could you kindly advise when the official list of critical ICT third-party service providers under the DORA Regulation is expected to be published? Additionally, would it be possible to obtain any preliminary information regarding this matter and the designation?
EIOPA answer
This question has been rejected because no issue of practical implementation has been identified.