Details
- Publication date
- 12 October 2020
Description
Start application: 01/07/2021
End application: 17/01/2025 (see here)
In accordance with Article 16 of Regulation (EU) No 1094/20104 EIOPA issues these Guidelines addressed to the supervisory authorities to provide guidance on how insurance and reinsurance undertakings should apply the governance requirements foreseen in Directive 2009/138/EC5 (“Solvency II Directive”) and in Commission Delegated Regulation (EU) No 2015/356 (“Delegated Regulation”) in the context of information and communication technology security and governance.
The objective of these Guidelines is to:
- provide clarification and transparency to market participants on the minimum expected information and cyber security capabilities, i.e. security baseline;
- avoid potential regulatory arbitrage;
- foster supervisory convergence regarding the expectations and processes applicable in relation to ICT security and governance as a key to proper ICT and security risk management.
Files
Guidelines on information and communication technology security and governance.pdf
- български
- español
- čeština
- dansk
- Deutsch
- eesti
- ελληνικά
- français
- hrvatski
- italiano
- latviešu
- lietuvių
- magyar
- Malti
- Nederlands
- polski
- português
- română
- slovenčina
- slovenščina
- suomi
- svenska
Resolution of comments of Guidelines on ICT governance and security
Austria.xls
Belgium.xls
Bulgaria
Croatia.xls
Cyprus.xls
Czech Republic.xls
Denmark.xls
Estonia.xls
Finland.xls
France.xls
Germany.xls
Greece.xls
Hungary.xls
Iceland.xls
Ireland.xls
Italy.xlsx
Lativa.xls
Liechtenstein.xlsx
Lithuania.xls
Luxembourg.xls
Malta.xls
Netherlands.xls
Norway.xlsx
Overview of replies.xlsx
Poland.xls
Portugal.xls
Romania.xls
Slovakia.xls
Slovenia.xls
Spain.xls
Sweden.xls