This Regulation specifies further the elements to be taken into account by [F1RDSPs] when identifying and taking measures to ensure a level of security of network and information systems which they use in the context of offering services referred to in Annex III to Directive (EU) 2016/1148 and specifies further the parameters to be taken into account to determine whether an incident has a substantial impact on the provision of those services.
Textual Amendments
F1Word in Regulation substituted (20.1.2021) by The Network and Information Systems (Amendment etc.) (EU Exit) Regulations 2019 (S.I. 2019/653), Sch. para. 14(3); 2020 c. 1, Sch. 5 para. 1(1)