Source: OJ L, 2025/302, 20.2.2025
EN- Digital operational resilience in the financial sector
ICT-related incidents
- ITS on templates for incident reporting
Annex III Templates for notification of significant cyber threats
Number of field | Data field | |
|---|---|---|
1 | Name of the entity submitting the notification | |
2 | Identification code of the entity submitting the notification | |
3 | Type of the financial entity submitting the notification | |
4 | Name of the financial entity | |
5 | LEI code of the financial entity | |
6 | Primary contact person name | |
7 | Primary contact person email | |
8 | Primary contact person telephone | |
9 | Second contact person name | |
10 | Second contact person email | |
11 | Second contact person telephone | |
12 | Date and time of detection of the cyber threat means ‘cyber threat’ as defined in Article 2, point (8), of Regulation (EU) 2019/881; | |
13 | Description of the significant cyber threat means a cyber threat the technical characteristics of which indicate that it could have the potential to result in a major ICT-related incident or a major operational or security payment-related incident; | |
14 | Information about potential impact | |
15 | Potential incident classification criteria | |
16 | Status of the cyber threat means ‘cyber threat’ as defined in Article 2, point (8), of Regulation (EU) 2019/881; | |
17 | Actions taken to prevent materialisation | |
18 | Notification to other stakeholders | |
19 | Indicators of compromise | |
20 | Other relevant information |
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.