SaaS Agreements – DORA – ICT Supplier Obligations

SaaS suppliers obligations under the Digital Operational Resilience Act,(“DORA”), (Regulation (EU) 2022/2554 on digital operational resilience for the EU financial sector), are effective from the 17th of January 2025. From this date DORA provisions must be included in contracts entered into between financial services entities subject to DORA and their

Continue reading

SaaS, ASP Agreements – FAQs – Security

What data security provisions need to be included in a SaaS agreement? Customer’s Security Obligations – These should be set out in the software licence. Access to the software and services should not be permitted to third parties without prior authorisation from the supplier. The customer should provide the following warranties:
– existence of adequate security measure to ensure access to the software and services does not breach the terms of the SaaS agreement

Continue reading