It is necessary to establish standard templates for the purposes of the register of information in relation to all contractual arrangements on the use of ICT servicesmeans digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; provided by information and communication technology (ICT) third-party service providers referred to in Article 28(3) of Regulation (EU) 2022/2554. Information gathered from that register is essential for the financial entities’ internal ICT riskmeans any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management, for the effective supervision of the financial entitiesas defined in Article 2, points (a) to (t) by their competent authoritiesas defined in Article 46, and for the establishment and conduct of oversight of the critical ICT third-party providers by the Lead Overseermeans the European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation;. Furthermore, that information is essential for the annual process to designate critical ICT third-party service providersmeans an ICT third-party service provider designated as critical in accordance with Article 31; by the European Banking Authority, the European Insurance and Occupational Pensions Authority and the European Securities and Markets Authority (collectively ‘European Supervisory Authorities’ (ESAsEuropean Supervisory Authority)).