Publication of the second wave of RTS and ITS under DORA
- Determination of aggregated costs and losses for ICT-related incidents (Art. 11 para. 1 DORA)
- Reporting of significant ICT-related incidents (Art. 20 lit. a), b) DORA)
- Centralization of incident reporting (Art. 21 DORA)
- Specification of threat lead penetration testing (Art. 26 para. 1 DORA)
- Identification of critical / important ICT services (Art. 30 para. 5 DORA)
Further details on the legal acts can be found here.