EIOPA: Guidelines on information and communication technology security and governance


EIOPA issued the Guidelines addressed to the supervisory authorities to provide guidance on how insurance and reinsurance undertakings should apply the governance requirements foreseen in Directive 2009/138/EC (“Solvency II Directive”) and in Commission Delegated Regulation (EU) No 2015/35 (“Delegated Regulation”) in the context of information and communication technology security and governance.

The objective of these Guidelines is to:

  • provide clarification and transparency to market participants on the minimum expected information and cyber security capabilities, i.e. security baseline;
  • avoid potential regulatory arbitrage;
  • foster supervisory convergence regarding the expectations and processes applicable in relation to ICT security and governance as a key to proper ICT and security risk management.

Read more at EIOPA’s website.
