ICT-related incident management process
Resumen en lenguaje claro
Las entidades financieras deben implementar un proceso robusto de gestión de incidentes de TIC para detectar, gestionar y notificar incidentes y amenazas significativas. Esto incluye registrar todos los incidentes, identificar causas raíz, asignar responsabilidades claras y establecer planes de comunicación y respuesta para mitigar impactos y asegurar la continuidad del servicio.
Texto oficial (EN)
1. Financial entities shall define, establish and implement an ICT-related incident management process to detect, manage and notify ICT-related incidents.
2. Financial entities shall record all ICT-related incidents and significant cyber threats. Financial entities shall establish appropriate procedures and processes to ensure a consistent and integrated monitoring, handling and follow-up of ICT-related incidents, to ensure that root causes are identified, documented and addressed in order to prevent the occurrence of such incidents.
3. The ICT-related incident management process referred to in paragraph 1 shall: (a) put in place early warning indicators; (b) establish procedures to identify, track, log, categorise and classify ICT-related incidents according to their priority and severity and according to the criticality of the services impacted, in accordance with the criteria set out in Article 18(1); (c) assign roles and responsibilities that need to be activated for different ICT-related incident types and scenarios; (d) set out plans for communication to staff, external stakeholders and media in accordance with Article 14 and for notification to clients, for internal escalation procedures, including ICT-related customer complaints, as well as for the provision of information to financial entities that act as counterparts, as appropriate; (e) ensure that at least major ICT-related incidents are reported to relevant senior management and inform the management body of at least major ICT-related incidents, explaining the impact, response and additional controls to be established as a result of such ICT-related incidents; (f) establish ICT-related incident response procedures to mitigate impacts and ensure that services become operational and secure in a timely manner.
Texto del articulo (traduccion ES)
Las entidades financieras definirán, establecerán y aplicarán un proceso de gestión de incidentes relacionados con las TIC para detectar, gestionar y notificar dichos incidentes. Las entidades financieras registrarán todos los incidentes relacionados con las TIC y las ciberamenazas importantes. Las entidades financieras establecerán procedimientos y procesos adecuados para garantizar una supervisión, gestión y seguimiento coherentes e integrados de los incidentes relacionados con las TIC.