How many controls does EBA Guidelines on ICT and Security Risk Management have?

EBA Guidelines on ICT and Security Risk Management contains 26 controls organized across 6 domains.

Where does EBA Guidelines on ICT and Security Risk Management apply?

EBA Guidelines on ICT and Security Risk Management is applicable in European Union (EBA). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does EBA Guidelines on ICT and Security Risk Management map to?

EBA Guidelines on ICT and Security Risk Management has control-to-control mappings with 586 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with EBA Guidelines on ICT and Security Risk Management compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

EBA Guidelines on ICT and Security Risk Management (EBA/GL/2019/04)

The European Banking Authority (EBA) Guidelines on ICT and Security Risk Management (EBA/GL/2019/04, revised 2024 to align with DORA) establish requirements for financial institutions' management of ICT and security risks. They cover ICT governance, risk management framework, information security, ICT operations, business continuity, and payment service security.

Domains

3.7 Business Continuity Management

3.6 ICT Project and Change Management

3.5 ICT Operations Management

3.4 Information Security

3.3 ICT and Security Risk Management Framework

Frequently Asked Questions

Map EBA Guidelines on ICT and Security Risk Management (EBA/GL/2019/04) to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform