Policy paper

G7 Fundamental Elements for third party cyber risk management in the financial sector 24.10.2018

A guide to the Third Party Cyber Risk Management Life Cycle within an individual entity and system-wide monitoring of cyber risk.

This was published under the 2022 to 2024 Sunak Conservative government

Documents

G7 Fundamental Elements for third party cyber risk management in the financial sector 24.10.2018

Request an accessible format.
If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please email digital.communications@hmtreasury.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

Details

The following Fundamental Elements consider the Third Party Cyber Risk Management Life Cycle within an individual entity and system-wide monitoring of cyber risk. Entities and third parties can use them as part of their cyber risk management toolkit. In doing so, entities should apply a proportionate approach that takes into account the size, nature, scope, complexity and potential systemic significance of cyber risks. Authorities within and across jurisdictions can use the Fundamental Elements to inform their public policy, regulatory and supervisory efforts to address third party cyber risks.

Updates to this page

Published 3 February 2023

Sign up for emails or print this page