Search QAs

Article 18 refers to "Member States" in regard to geographical spread. However, this implies that the article does not include EEA members, i.e., incidents that spread to EEA and non-EU members (Iceland, Liechtenstein, Norway) are not to be considered in the classification of major ICT-related incid…

Scope and Territorial Applicability of DORA Does DORA apply exclusively to entities operating within the EU? Consider the following examples for clarification: Example 1: An organization headquartered in an EU Member State, such as Spain, operates branches in non-EU countries (e.g., New Zealand, Jap…

We are an elearning platform provider. We work with an important bank in France. Is Dora applicable for our company (provider of soft skills elearning content to bank sector employees) ? 

Software is bought as it is from an external provider. The contract specifies no further development, maintenance or support. However, the service provider publishes updates, which can optionally be downloaded by users. Would this constellation represent a DORA ICT-service?

Can Social Media usage (e.g. for public relations) be considered an ICT-service under DORA?

Does an insurance entity licensed outside the EU, which is a subsidiary of a company based in the EU, and with operations also outside the EU, fall within the scope of DORA?

Is it in line with Article 30(3)(e)(i) of Regulation (EU) 2022/2554 (DORA), in conjunction with Article 8 of Commission Delegated Regulation (EU) 2024/1773, to appoint an independent third party to perform a regular joint audit of a third-party ICT service provider that supports critical or importan…

We refer to the upcoming entry into application of the DORA regulation. An institution for occupational retirement has recently contacted the NCA regarding the following issue: - that institution for occupational retirement provides pension benefits for contractual agents (employees) of a regional p…

Pursuant to article 2 of DORA, professionals of the financial sector defined in articles 257 seq. of the Luxembourg law on the insurance sector dated 7 December 2015 (as amended from time to time) are not in the scope of DORA. Nevertheless, some of the professionals of the insurance sector provide I…