In this episode, our MFSA’s ICT Risk and Cybersecurity function goes through the requirements of Chapter III of the DORA Regulation with regard to managing, classification and reporting of ICT-related incidents. We discuss in detail what financial entities are expected to have when in place in both pre- and post-incident phases, in terms of classification and reporting.