DORA · Chapter II — ICT risk management
Art. 6 ICT risk management framework
Maintain a sound, comprehensive and well-documented ICT risk-management framework as part of the overall risk-management system.
Mapped across 16 provisions
Equivalent and related requirements in other frameworks and regulations.
- CCPA / CPRARelatedCurated§1798.100 Consumers' right to know and notice at collection
Gouvernance et politique de sécurité
- CCPA / CPRARelatedCurated§1798.150 Duty to implement reasonable security
Évaluation et gestion des risques
- GDPRRelatedCuratedArt. 25 Data protection by design and by default
Gouvernance et politique de sécurité
- GLBARelatedCurated§314.4(a) Designate a qualified individual
Gouvernance et politique de sécurité
- HIPAARelatedCurated§164.308(a)(1) Security management process
Évaluation et gestion des risques
- ISO 27001RelatedCuratedA.5.1 Policies for information security
Gouvernance et politique de sécurité
- LGPDRelatedCuratedArt. 50 Good practices and governance rules
Gouvernance et politique de sécurité
- LGPDRelatedCuratedArt. 46 Security measures
Évaluation et gestion des risques
- NIS2RelatedCuratedArt. 21(2)(a) Risk analysis and information system security policies
Gouvernance et politique de sécurité
- NIST 800-171RelatedCurated3.11.1 Periodically assess risk
Évaluation et gestion des risques
- NIST 800-53RelatedCuratedPM-1 Information security program plan
Gouvernance et politique de sécurité
- NIST 800-53RelatedCuratedRA-3 Risk assessment
Évaluation et gestion des risques
- NIST CSF 2.0RelatedCuratedGV.OC-01 Organizational mission and security role understood
Gouvernance et politique de sécurité
- NIST CSF 2.0RelatedCuratedID.RA-01 Vulnerabilities identified and recorded
Évaluation et gestion des risques
- PCI DSSRelatedCuratedReq. 12 Support information security with organizational policies and programs
Gouvernance et politique de sécurité
- SOC 2RelatedCuratedCC1.1 Integrity and ethical values
Gouvernance et politique de sécurité