>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

Article 26.2Article 26.2

>Control Description

Each threat-led penetration test shall cover several or all critical or important functions of a financial entity, and shall be performed on live production systems supporting such functions. Financial entities shall identify all relevant underlying ICT systems, processes and technologies supporting critical or important functions and ICT services, including those supporting the critical or important functions which have been outsourced or contracted to ICT third-party service providers. Financial entities shall assess which critical or important functions need to be covered by the TLPT. The result of this assessment shall determine the precise scope of TLPT and shall be validated by the competent authorities.

>Cross-Framework Mappings

SCF

VPM-07
Compare

Ask AI

Configure your API key to use AI features.