(5) ‘ICT risk’ means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment;

DORA, Article 3, point (5).

• Article 4
• Article 5
• Article 6
• Article 7
• Article 8
• Article 9
• Article 11
• Article 12
• Article 13
• Article 14
• Article 15
• Article 16
• Article 24
• Article 26
• Article 28
• Article 31
• Article 32
• Article 33
• Article 44
• Article 60
• Article 61