EBA Guidelines on ICT Risk Management

06 October 2016

The European Banking Authority (EBA) launched a consultation on its draft Guidelines on the assessment of the ICT risk in the context of the Supervisory Review and Evaluation Process (SREP).

The key purpose of SREP is to ensure that institutions have adequate strategies and processes to ensure a sound management of their risks. The growing importance of ICT risk within the banking industry led the EBA to develop these Guidelines on its own initiative. There are addressed to competent authorities in order to promote procedures and methodologies for the assessment of ICT risk.

Comments can be sent to the EBA by clicking on the "send your comments" button on the consultation page. The deadline for the submission of comments is 06 January 2017.