Content Options:

Content Options

View Options:


You are viewing the version of the document as on 2025-12-01.

CTPS 5.3 Incident management playbook exercise

CTPS 5.3.1R

1As part of its obligation under CTPS 5.1.1R (General evidence requirement), a critical third party must assess the effectiveness of its incident management playbook regularly, including undertaking an appropriate incident management playbook exercise with a representative sample of the firms to which it provides systemic third party services within 12 months of the critical third party being designated by the Treasury and at least biennially thereafter.

CTPS 5.3.2R

1A critical third party must, as soon as is practicable, prepare and submit to the regulators a report of the incident management playbook exercise undertaken under CTPS 5.3.1R (including any actions taken in the light of the results of that exercise).