DORA RTS on Threat-Led Penetration Testing

Browse Articles Full Text and PDF
Browse Articles Full Text and PDF

Table of Contents

Articles
⊞ ▼
  • Article 1 Definitions
  • Article 2 Identification of financial entities required to perform TLPT
  • Article 3 TCT and TLPT Test Managers
  • Article 4 Organisational arrangements for financial entities
  • Article 5 Risk management for TLPT
  • Article 6 Risk management for pooled or joint TLPTs
  • Article 7 Selection of TLPT providers
  • Article 8 Specificities for pooled or joint TLPTs
  • Article 9 Preparation phase
  • Article 10 Testing phase: threat intelligence
  • Article 11 Testing phase: red team test
  • Article 12 Closure phase
  • Article 13 Remediation plan
  • Article 14 Attestation
  • Article 15 Use of internal testers
  • Article 16 Cooperation and mutual recognition
  • Article 17 Entry into force
Annexes
▼
  • Annex I Content of the project charter (Article 9(2)(a))
  • Annex II Content of the scope specification document (Article 9(6))
  • Annex III Content of the targeted threat intelligence report (Article 10(5))
  • Annex IV Content of the red team test plan (Article 11(1))
  • Annex V Content of the red team test report (Article 12(2))
  • Annex VI Content of the blue team test report (Article 12(4))
  • Annex VII Details of the report summarizing the relevant findings of the TLPT referred to in Article 26(6) of Regulation (EU) 2022/2554
  • Annex VIII Details of the attestation of the TLPT referred to in Article 26(7) of Regulation (EU) 2022/2554
Sponsored by:
RiskNow Logo

Recently Viewed

No recent articles yet

Search results