Question ID: DORA135 - 3191
Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)
Topic: ICT third-party risk management (DORA)
Article: 28(3)
Status: Rejected
Date of submission: 20 Nov 2024
Question
Is there a presumed timeline of the reissue of ITS regarding the standard template for the register of information referred to in article 28(3) DORA by the ESAs? Furthermore, is there a presumed timeline of adoption of the RTS on subcontracting ICT services supporting a critical or important function (legal basis being article 30(5) DORA)?
Background of the question
As representatives of the financial entities to whom DORA applies, wishing to exercise the utmost diligence in assisting them in fulfilling the obligations imposed by EU law, we would appreciate a response on when we should expect progress on the DORA implementing acts.
EIOPA answer
The question has been rejected because it is out of scope of the regulatory Q&A process on DORA.