Archer Employee

The European Banking Authority (EBA) is an independent European Union (EU) Authority that works to ensure effective and consistent prudential regulation and supervision across the European banking sector. The EBA plays an important role in promoting convergence of supervisory practices to ensure a harmonised application of prudential rules.


The complexity of information and communication technology (ICT) has led to more security and cyber-related incidents for financial institutions in recent years. This development is due to the increasing digitalisation of the financial sector and the evolving interconnectedness through telecommunications channels (internet, mobile and wireless lines, and wide area networks) and with other financial institutions and third parties.


These changes render financial institutions’ operations vulnerable to external security attacks, including cyber-attacks. Recognising the need for cybersecurity preparedness, the EBA Guidelines on ICT and Security Risk Management implicitly cover cybersecurity within the financial institution’s information security measures. Within the guidelines, the EBA has provided detailed guidance regarding how supervisors should monitor ICT and security risks within their organisation, how financial institutions should manage outsourcing, and the expectations for ICT and security risk management for financial institutions.



This content is available in English only.



Mappings for the European Banking Authority (EBA) Guidelines on ICT and Security Risk Management Authoritative Source content to the Archer Control Standard Library are available in the authoritative source content pack.


Content Source

This content comes from the European Banking Authority.


Licensing Restrictions

The European Banking Authority (EBA) Guidelines on ICT and Security Risk Management content is available with the use of the Archer Policy Program Management use case, the Archer IT Policy Program Management use case, and/or the Archer Assessment & Authorization use case. No additional license is required.


For More Information

To learn more about the European Banking Authority (EBA) Guidelines on ICT and Security Risk Management Authoritative Source Content:


For Additional Support

To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case.

Last update: 2021-08-19 05:10 PM