What is the DORA Major ICT Incident Taxonomy?
The DORA major ICT incident taxonomy is the classification framework used to determine whether an ICT-related event qualifies as a major incident under the EU Digital Operational Resilience Act. It matters because classification triggers reporting, escalation, governance, and remediation obligations for regulated financial entities and their ICT providers.
In Depth
In practice, firms use the taxonomy to assess events such as system outages, cyberattacks, data integrity failures, and third-party disruptions against DORA’s criteria and thresholds. The taxonomy helps standardize severity decisions, so compliance and operational teams can determine when an incident becomes reportable, document the basis for the classification, and preserve evidence for supervisory review.
For compliance teams, the key issue is building repeatable incident triage and escalation procedures that align technical detection with legal reporting deadlines. DORA is the main framework that uses this concept, and the taxonomy also interacts with incident response, continuity planning, third-party risk management, and ICT governance controls required under the regulation.