DORA consumes part of CER directive


Given the strong interlinkages between the digital resilience and the physical resilience of financial entitiesas defined in Article 2, points (a) to (t), a coherent approach with regard to the resilience of critical entities is necessary in this Regulation and Directive (EU) 2022/2557 of the European Parliament and the Council (9)Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC (see page 164 of this Official Journal).. Given that the physical resilience of financial entitiesas defined in Article 2, points (a) to (t) is addressed in a comprehensive manner by the ICT riskmeans any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management and reporting obligations covered by this Regulation, the obligations laid down in Chapters III and IV of Directive (EU) 2022/2557 should not apply to financial entitiesas defined in Article 2, points (a) to (t) falling within the scope of that Directive.