Outdated browser

You are using an outdated browser. DNB.nl works best with:

Announcement: IT risk self-assessment

News item supervision
Read aloud

Published: 26 April 2022

Iemand bij de hardware van een grote computer

The 2021 supervisory agenda includes an IT self-assessment for payment institutions and electronic money institutions. The purpose of this assessment is to obtain an up-to-date overview of institutions’ management of IT risks. The questionnaire, explanatory notes and information about the deadline will be made available to the participating institutions at the beginning of June.

Compared to last year, we have made some changes to the format of this self-assessment. This year, institutions can also use existing independent audit reports to demonstrate their adequate management of IT risks. The questionnaire is also better aligned with the EBA Guidelines on ICT and security risk management (EBA/GL/2019/04) and outsourcing (EBA/GL/2019/02). We discussed the changes to the format to improve the clarity of the assessment with a number of institutions.

Not all licensed institutions will have to complete this self-assessment: institutions that recently obtained their license or were recently subjected to a more in-depth IT examination will not be asked to participate.

We will share the key observations from the assessment with the sector in the second half of this year.

Discover related articles

Interesting articles

DNB uses cookies

We use cookies to optimise the user-friendliness of our website. 
Read more about the cookies we use and the data they collect in our cookie notice.

To ensure the proper operation of the website, De Nederlandsche Bank (DNB) uses functional cookies and analytics cookies, and has taken measures to ensure that these cookies have little or no impact on the privacy of website users.

Some pages include embedded content from external websites. These websites may use proprietary (tracking) cookies. This allows third parties to track visitor statistics, show personalised content and display targeted ads, for example. You can make your choice about allowing these optional cookies both when you first visit the website and when you navigate to a page with embedded content.