Harmonization of conduct activities

Preamble (Recitals 1 – 14)

Recitals

Chapter I (Articles 1 – 2)

Information to be provided by ICT third-party service providers in the application for a voluntary request to be designed as critical

Article 1

Information to be provided by ICT third-party service provider in the application for a voluntary request to be designated as critical

Article 2

Assessment of completeness of application

Chapter II (Articles 3 – 6)

Information from critical ICT third-party service providers to the lead overseer

Article 3

Content of information provided by critical ICT third-party service providers

Article 4

Information from critical ICT third-party providers after the issuance of recommendations

Article 5

Structure and format of information provided by critical ICT third-party service providers

Article 6

Information on subcontracting arrangements provided by critical ICT third-party service providers

Chapter III (Article 7)

Competent authorities’ assessment of the measures taken by critical ICT third-party service providers based on recommendations of the lead overseer

Article 7

Competent authorities’ assessment of the risks addressed in the recommendations of the Lead Overseer

Chapter IV (Article 8)

Final provisions

Article 8

Entry into force

Recital 9

The critical ICT third-party service providermeans an ICT third-party service provider designated as critical in accordance with Article 31; should always provide information in a clear, concise and complete manner. Considering the unified nature of the European oversight framework, information should be submitted, disclosed or reported by the ICT third-party service providersmeans an undertaking providing ICT services; pursuant to Article 35(1) in English.
Table of contents