RTS & ITS Major incident reporting
This is the regulatory technical standard (RTS) on major incident reporting as adopted by the European Commission according to DORA Article 20, using the final draft available from the European Banking Authority (EBA) as source. The RTS was published in July 2024 and is expected to become applicable on 17 January 2025 alongside DORA.
This text is provided as-is and should not be relied upon as an authoritative source. Instead, consult the Official Journal for the authoritative version once published.
We are not aware of any material differences between the draft and authoritative versions but will ensure to update these pages to reflect the authoritative version as soon as possible.
Our commitment is to continuously enhance this platform, improving readability and navigation for your convenience. Stay updated on our progress by following us on LinkedIn, where we announce new features. If you have any questions or suggestions, please feel free to reach out to us at dora@springflod.se.
Enjoy.
Table of Contents
Preamble
1 – 8
Recitals
Article 1
General provisions
Article 2
General information to be provided in the major incident initial notification, intermediate and final reports
Article 3
Content of initial notifications
Article 4
Content of intermediate reports
Article 5
Content of final reports
Article 6
Time limits for the initial notification and intermediate report and final reports referred to in Article 19(4) of Regulation (EU)2022/2554
Article 7
Content of the voluntary notification of significant cyber threat
Article 8
Entry into force