The Bank of Italy has published instructions and a standard template for the ICT security assessments it requested in its 23 December 2024 communication to the market. The exercise asks financial entities to assess their current status against the requirements of the Digital Operational Resilience Act (Regulation (EU) 2022/2554, DORA) and to conduct a self-assessment of their ICT risk management framework. The supervisor is providing the template to help intermediaries carry out the assessments and to improve the comparability of responses.
Bank of Italy 2025-02-13
Bank of Italy provides a standard template for DORA ICT risk self-assessments
The Bank of Italy has issued instructions and a standard template for ICT security assessments, as requested in its December 2024 communication. Financial entities are to evaluate their compliance with the Digital Operational Resilience Act (DORA) and self-assess their ICT risk management frameworks. The template aims to aid intermediaries and enhance response comparability.