AnuncioPiloto gobernado de 4 semanas: lleve un flujo de trabajo real a producción controlada
KLA Digital Logo
KLA Digital
Herramienta gratuita

Herramienta de brechas de cláusulas DORA Article 30

Comprueba cada contrato con terceros ICT frente a DORA Article 30 —las disposiciones base obligatorias del 30(2) y las cláusulas ampliadas del 30(3) para funciones críticas o importantes— y exporta un informe de cobertura puntuado con las brechas que corregir.

¿Gobiernas proveedores de IA bajo DORA? Lee el gobierno de agentes de AML y pagos.

Clause coverage: 0%

Assessed 0/18 · 0 gaps

Baseline provisions — every ICT third-party contract (Article 30(2))

These clauses are mandatory in all ICT third-party arrangements, regardless of criticality.

DORA Art 30(2)(a)

DORA Art 30(2)(b)

DORA Art 30(2)(c)

DORA Art 30(2)(d)

DORA Art 30(2)(e)

DORA Art 30(2)(f)

DORA Art 30(2)(g)

DORA Art 30(2)(h)

DORA Art 30(2)(i)

Augmented provisions — critical or important functions (Article 30(3))

Where the arrangement supports a critical or important function, the contract must additionally contain these.

DORA Art 30(3)(a)

DORA Art 30(3)(b)

DORA Art 30(3)(c)

DORA Art 30(3)(d)

DORA Art 30(3)(e)

DORA Art 30(3)(f)

Register and AI-vendor linkage

DORA Art 28(3)

DORA Art 28

Cloud-hosted model providers (e.g. OpenAI, Anthropic, Azure OpenAI) are ICT third parties; AML, fraud and chatbot use cases can be critical or important functions.

DORA Art 3(19)-(22)

Prioritised gaps
18 item(s) to address
  • Clear, complete description of all functions and ICT services, including subcontracting conditions Not assessed
  • Locations (regions/countries) where services are provided and data is processed, with change notification Not assessed
  • Provisions on availability, authenticity, integrity and confidentiality of data Not assessed
  • Access, recovery and return of data on insolvency, resolution or termination Not assessed
  • Service level descriptions, including updates and revisions Not assessed
  • Provider assistance on ICT incidents at no additional or agreed cost Not assessed
  • Obligation to fully cooperate with competent and resolution authorities Not assessed
  • Termination rights and minimum notice periods Not assessed
  • Conditions for participation in ICT security awareness programmes and training Not assessed
  • Full service level descriptions with precise quantitative and qualitative performance targets Not assessed
  • Notice periods and provider reporting obligations, including developments that materially impact Not assessed
  • Requirement to implement and test business contingency plans and ICT security measures Not assessed
  • + 6 more in the export.

Export your scored assessment and prioritised gap list. Everything stays in your browser — nothing is uploaded.

Sin periodo de gracia

DORA se aplica desde el 17 January 2025 sin transición para el Article 30: los contratos ICT anteriores a 2025 que omitan estas cláusulas no cumplen hoy.

Base y ampliadas

Separa las cláusulas del 30(2) que necesita todo contrato de las cláusulas del 30(3) requeridas cuando el acuerdo respalda una función crítica o importante.

Tu proveedor de IA es un tercero ICT

Los proveedores de modelos alojados en la nube son terceros ICT bajo DORA; los casos de uso de AML, fraude y chatbot pueden ser funciones críticas o importantes que activan las cláusulas ampliadas.

Aviso legal: Esta herramienta te ayuda a comprobar los contratos con terceros ICT frente a DORA Article 30. No constituye asesoramiento jurídico. Confirma tus obligaciones contractuales con asesores cualificados familiarizados con tus acuerdos.