Annex I | Content of the project charter (Article 9(2)(a))

Item of information	Information required
Person responsible for the project plan, i.e. the Control Team Lead	Name Contact details
Testers	internal external both
Communication channels selected in accordance with Article 9(2), point (d), and Article 9(4) point (a), including: email encryption to be used online data rooms to be used instant messaging to be used
Codename for the TLPT(threat-led penetration testing) a framework that mimics the tactics, techniques and procedures of real-life threat actors perceived as posing a genuine cyber threat, that delivers a controlled, bespoke, intelligence-led (red team) test of the financial entity’s critical live production systems
If any, critical or important functions means a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law; the financial entity operates in other Member States	list of critical or important functions means a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law; operated in another Member State for each critical or important function means a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law;, indication of the Member State or States in which they are operated
If any, critical or important functions means a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law; supported by ICT third party service providers	list of critical or important functions means a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law; supported by ICT third-party service providers means an undertaking providing ICT services; for each function, identification of the ICT third party service provider
Expected deadlines for the completion of the:
Preparation Phase, in accordance with Article 9	yyyy-mm-dd
Testing Phase, in accordance with Articles 10 and 11	yyyy-mm-dd
Closure Phase, in accordance with Article 12	yyyy-mm-dd
Remediation plan in accordance with Article 13	yyyy-mm-dd