EIOPA Guidelines on Information and Communication Technology (ICT) security and governance

EIOPA issues these Guidelines addressed to the supervisory authorities to provide guidance on how insurance and reinsurance undertakings should apply the governance requirements foreseen in Directive 2009/138/EC6 (“Solvency II Directive”) and in Commission Delegated Regulation (EU) No 2015/357 (“Delegated Regulation”) in the context of ICT security and governance.