Recital 44
Digital Operational Resilience Act · UE 2022/2554
| (44) | As only those financial entities identified for the purposes of the advanced digital resilience testing should be required to conduct threat-led penetration tests, the administrative processes and financial costs entailed in the performance of such tests should be borne by a small percentage of financial entities. |