DORA-Art14-P1

Article: 14(1)
Pillar: ICT Risk Management
Regulation Ref: Regulation (EU) 2022/2554, Article 14(1)
Last Reviewed: 2026-01-15

Financial entities shall put in place resources and capabilities to monitor, handle and follow up on ICT-related incidents, and shall ensure that root causes are identified, documented and addressed to prevent the occurrence of such incidents.

Evidence Profiles

ICT Incident Lessons Learned Reports (PARTIAL)

Plain text reports documenting lessons learned from ICT-related incidents, including root cause analysis, corrective actions, and process improvements as required by DORA Article 14.

Formats: PLAIN_TEXT, PDF
Evidence Class: ict-lessons-learned
Availability: PARTIAL
Update Frequency: event-driven
Typical Author: Incident Manager
Approval Chain: Incident Manager → CISO

Content Sections

Expected Fields

Common Quality Issues

Fact Schemas

ict_lessons_learned_status

Schema ID: fs-ict-lessons-learned
Control: DORA-Art14-P1

Valid Ranges

reporting_period_end: within the last 12 months
lessons_documented: should be >= incidents_reviewed for a thorough process

JSON Schema

{
  "properties": {
    "corrective_actions_completed": {
      "minimum": 0,
      "type": "integer"
    },
    "corrective_actions_identified": {
      "minimum": 0,
      "type": "integer"
    },
    "incidents_reviewed": {
      "minimum": 0,
      "type": "integer"
    },
    "lessons_documented": {
      "minimum": 0,
      "type": "integer"
    },
    "policy_changes_triggered": {
      "minimum": 0,
      "type": "integer"
    },
    "reporting_period_end": {
      "format": "date",
      "type": "string"
    },
    "reporting_period_start": {
      "format": "date",
      "type": "string"
    },
    "root_cause_analyses_performed": {
      "minimum": 0,
      "type": "integer"
    }
  },
  "required": [
    "reporting_period_start",
    "reporting_period_end",
    "incidents_reviewed",
    "lessons_documented"
  ],
  "type": "object"
}