Content Options:

Content Options

View Options:


You are viewing the version of the document as on 2025-12-01.

CTPS 7.1 Information sharing with firms

CTPS 7.1.1R

1A critical third party must have in place effective and secure processes and procedures to ensure sufficient and timely information is given to a firm to which it provides any systemic third party services to enable that firm to manage adequately risks related to its use of the critical third party’s systemic third party services.

CTPS 7.1.2R

1The information referred to in CTPS 7.1.1R includes, but is not limited to:

  1. (1)

    results of testing and exercising carried out in accordance with CTPS 5 (Assurance, scenario testing and incident management playbook exercise) (including any action taken in the light of the results of the testing and exercising);

  2. (2)

    the annual self-assessment prepared in compliance with CTPS 6.1.1R(2) (Self-assessment), redacted as appropriate; and

  3. (3)

    the appropriate maximum tolerable level of disruption set by the critical third party in accordance with CTPS 4.8.1R(2) for each systemic third party service provided to the firm.