Art 9 - Protection and prevention

Article 9 of the Digital Operational Resilience Act requires financial entities to put in place protective and preventive measures for their information-and-communication technology systems, including risk-based safeguards, incident-prevention protocols and regular testing to ensure ongoing operational resilience.