Cross-sectoral coordination for ICT risk


To leverage the multi-layered institutional architecture in the financial services area, the Joint Committeemeans the committee referred to in Article 54 of Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010; of the ESAsEuropean Supervisory Authority should continue to ensure overall cross-sectoral coordination in relation to all matters pertaining to ICT riskmeans any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment;, in accordance with its tasks on cybersecurity. It should be supported by a new Subcommittee (the ‘Oversight Forum’) carrying out preparatory work both for the individual decisions addressed to critical ICT third-party service providersmeans an ICT third-party service provider designated as critical in accordance with Article 31;, and for the issuing of collective recommendations, in particular in relation to benchmarking the oversight programmes for critical ICT third-party service providersmeans an ICT third-party service provider designated as critical in accordance with Article 31;, and identifying best practices for addressing ICT concentration riskmeans an exposure to individual or multiple related critical ICT third-party service providers creating a degree of dependency on such providers so that the unavailability, failure or other type of shortfall of such provider may potentially endanger the ability of a financial entity to deliver critical or important functions, or cause it to suffer other types of adverse effects, including large losses, or endanger the financial stability of the Union as a whole; issues.