Search Results for “Information security” – Page 3

Engagement of the réviseurs d’entreprises agréés (approved statutory auditors) of support PFS and practical rules concerning the management letter and the separate report to be drawn up on an annual basis.

PDF (287.59Kb)

PDF (290.59Kb)

CSSF FAQ

Published on 05.01.2024

CSSF FAQ related to Circular CSSF 24/847 on ICT-related incident reporting framework

PDF (341.29Kb)

PDF (331.47Kb)

CSSF circular

Published on 05.01.2024

Circular CSSF 24/847

on ICT-related incident reporting framework

PDF (300.89Kb)

PDF (213.33Kb)

Guidelines

Published on 12.07.2021

ESMA Guidelines on outsourcing to cloud providers

ESMA50-164-4285

Link

Communiqué

Published on 15.01.2025

Entry into application of DORA regulation on 17 January 2025

Page

Communiqué

Published on 15.10.2020

Designation of Operators of Essential Services

Page

Communiqué

Published on 11.07.2024

Luxembourg “DORA Law” published in the Official Journal

Page

Communiqué

Published on 28.02.2025

DORA – Postponement of notification to financial entities of their obligation to report a major incident on weekends or bank holidays

Page

RTS

Published on 13.02.2025

Commission Delegated Regulation (EU) 2025/295 of 24 October 2024

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards on harmonisation of conditions enabling the conduct of the oversight activities

Lien

Link

ITS

Published on 20.02.2025

Commission Implementing Regulation (EU) 2025/302 of 23 October 2024

laying down implementing technical standards for the application of Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to the standard forms, templates, and procedures for financial entities to report a major ICT-related incident and to notify a significant cyber threat

Lien

Link

RTS

Published on 20.02.2025

Commission Delegated Regulation (EU) 2025/301 of 23 October 2024

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the content and time limits for the initial notification of, and intermediate and final report on, major ICT-related incidents, and the content of the voluntary notification for significant cyber threats

Lien

Link

Communiqué

Published on 07.10.2024

Results of the DORA readiness survey conducted in September 2024

Page

Studies and reports

Published on 07.10.2024

Results of the DORA readiness survey

PDF (908.88Kb)

Name	Description	Duration
cssf_cookies	Saves information regarding the user's consent to the use of cookies for each optional category.	1 year
ROUTEID	Technical cookie allowing load distribution.	Deleted when the browsing session ends
TBMCookie*	Security: This cookies protects the website against automated attacks.	Deleted when the browsing session ends
__utmvc	These first party cookies are set by a third party service to filter out malicious requests.	Deleted when the browsing session ends
__utmvm*	These first party cookies are set by a third party service to filter out malicious requests.	15 minutes

Name	Description	Duration
cssf_profile	This cookie adapts the website pages to the profile chosen by the visitor (professionals, markets, consumers).	1 year
pll_language	This cookie saves the user’s language choice.	1 year

Name	Description	Duration
_pk_id.#	Collects anonymous statistical data on the website consultations, such as the number of visits or the average time spent on the website. The data is processed in-house and is not shared with a third party.	1 year
_pk_ses.#	Collects anonymous statistical data for the tracking of the pages consulted during the browsing session. The data is processed in-house and is not shared with a third party.	30 minutes

Search Results for Information security

Advanced filters

93 Result(s)

Separate Report for support PFS de support authorised under Articles 29-3, 29-5 or 29-6 of the LFS and categorised as “Medium risk”

Separate Report for support PFS de support authorised under Articles 29-3, 29-5 or 29-6 of the LFS and categorised as “Low risk”

Self-Assessment Questionnaire for support PFS de support authorised under Articles 29-1 or 29-2 of the LFS and categorised as “Low risk”, “Medium risk” or “High risk”

Self-Assessment Questionnaire for support PFS de support authorised under Articles 29-3, 29-5 or 29-6 of the LFS and categorised as “High risk”

Self-Assessment Questionnaire for support PFS de support authorised under Articles 29-3, 29-5 or 29-6 of the LFS and categorised as “Medium risk”

Self-Assessment Questionnaire for support PFS de support authorised under Articles 29-3, 29-5 or 29-6 of the LFS and categorised as “Low risk”

Rotation plan

Circular CSSF 24/850

CSSF FAQ related to Circular CSSF 24/847 on ICT-related incident reporting framework

Circular CSSF 24/847

ESMA Guidelines on outsourcing to cloud providers

Entry into application of DORA regulation on 17 January 2025

Designation of Operators of Essential Services

Luxembourg “DORA Law” published in the Official Journal

DORA – Postponement of notification to financial entities of their obligation to report a major incident on weekends or bank holidays

Commission Delegated Regulation (EU) 2025/295 of 24 October 2024

Commission Implementing Regulation (EU) 2025/302 of 23 October 2024

Commission Delegated Regulation (EU) 2025/301 of 23 October 2024

Results of the DORA readiness survey conducted in September 2024

Results of the DORA readiness survey