Digital operational resilience

The rules for digital operational resilience apply to almost all financial institutions within the financial sector. The aim of these rules is to establish a high common level of digital operational resilience related to the use of information technologies by financial entities. The rules for digital operational resilience primarily cover areas such as ICT risk management, reporting of significant incidents and notification of major cyber threats, testing digital operational resilience, sharing operational information related to cyber threats and vulnerabilities, and managing risks associated with the provision of ICT services by third parties.

• Laws and regulations
  (An overview of laws and implementing regulations relating to the given financial sector. Also contains directly binding EU regulations where issued in the given sector).
  • Acts and directly binding EU regulations
  • Decrees and provisions
• Methodological and interpretative documents
  (An overview of current official information, opinions and replies relating to acts and regulations of the given financial sector).
  • Official information
  • Answers to enquiries
  • Other documents
• Consultation documents and proposals
  (Newly prepared documents, which the CNB publishes for discussion or to provide information to financial market participants).

---

Note:
The above-mentioned legal rules are for information only. The sole authentic wording of legal rules is the version published in the Collection of Laws or in the CNB Bulletin.