DORA

123456789101112131415
Across
  1. 2. Financial entities shall identify, classify and adequately document all ICT supported business functions, roles and responsibilities, the information ****** and ICT ****** supporting those functions, and their roles and dependencies in relation to ICT risk.
  2. 5. What must be promptly renewed to ensure ongoing security?
  3. 7. Who is responsible for implementing the ICT risk management framework in financial entities?
  4. 9. How frequently should vulnerability scanning be performed on critical ICT assets?
  5. 12. What is the main subject matter of DORA?
  6. 14. What must cryptographic keys be protected against throughout their lifecycle?
  7. 15. The **** plan with a third party must be based on realistic scenarios and assumptions.
Down
  1. 1. What technique can be used in network design to limit contagion during cyber attacks?
  2. 3. What must financial entities use for advanced testing of ICT tools?
  3. 4. What should financial entities have to ensure data restoration?
  4. 6. What must financial entities report to relevant authorities?
  5. 8. How often per year should a review of access rights for ICT systems that support critical or important functions be performed
  6. 10. What percentage of affected clients using a service meets the materiality threshold for major incidents?
  7. 11. What is the abbreviation of " a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law;"
  8. 13. What must ICT security policies ensure regarding data?