Create a contract and enhance digital resilience data

  • Release version: Australia
  • Updated May 15, 2026
  • 3 minutes to read

    • Create a contract record in Digital resilience third-party registers using Third-party Risk Management where you add details of the contract such as vendor name, start and end dates, state, substate. You can then enhance its digital resilience information for compliance with DORA regulation.

    Before you begin

    Role required: sn_vdr_risk_asmt.vendor_assessor

    About this task

    The Digital resilience third-party registers include details about who within your organization is using externally outsourced ICT services, which functions and branches are using them, and who the third-party providers and their engagements are. The contracts link these two aspects together.

    The contracts link both parties—those using the information and those providing it. Essentially, they bind legal entities, branches, and functions to third parties and third-party engagements.

    You can navigate to the contracts from the Contracts menu item in Digital resilience third-party registers. Alternatively, you can navigate to the legal entities record, open the Legal entities tab, and navigate to the contracts.

    Note:
    The annual expense may be converted during report generation if currency conversion is enabled. If aggregation is enabled and all criteria are met, contract expenses may also be combined into a provider‑level total.

    After setting up contract and Specific Information records, you can generate a Register of Information reporting package. For more information, see Generate a register of information package.

    Procedure

    1. Navigate to Workspaces > Vendor Management Workspace, select the list icon and then navigate to Digital resilience third-party registers.
    2. Select Contracts and then create a contract by selecting New.
    3. On the form, fill in the fields.
      For descriptions of all these fields, see Create New Contract form.
    4. Select Save.
    5. To submit the contract for review, select Submit for Review.
    6. To add entities signing the contract to use the ICT services associated with the contract, navigate to the Entities signing contract to use service related list of the contract record and select Add.
    7. Select Save.
    8. To add entities using the ICT services associated with the contract, navigate to the Entities making use of services related list of the contract record and select Add.
    9. Select Save.
      Note:
      When creating multiple entities using the ICT services, the combination of LEI and Nature of the entity must be unique. If the nature of the entity is a branch, the combination of the LEI of the entity, Nature of the entity, and the identification code of the branch must be unique.
    10. To add entities signing the contract to provide ICT services associated with the contract, navigate to the Entity providing services related list of the contract record and select Add.
    11. Select Save.
    12. To add third parties signing the contract to provide ICT services associated with the contract, navigate to the Third party signing contract to provide services related list of the contract record and select Add.
    13. Select Save.
    14. To add third-party engagements signing the contract to provide ICT services associated with the contract, navigate to the Third-party engagements signing contract related list of the contract record and select Add.
    15. Select Save.
    16. To set up the digital resilience information for DORA regulation, navigate to the Specific information related list and create a contractual arrangement by selecting New.
    17. On the form, fill in the fields.
    18. Select Save.
    19. To add intra-group contractual arrangements, navigate to the Intra-group contractual arrangements tab of the contract and select Add.
    20. Select Save.
    21. To add ICT service supply chains associated with the contract, navigate to the ICT service supply chains tab of the contract and select New and fill in the fields.
    22. Select Save.
    23. To add Assessments of the ICT services associated with the contract, navigate to the Assessments of the ICT services tab of the contract and select New and fill in the fields.
    24. Select Save.
      For descriptions of all these fields, see Create New Contractual arrangement form.
      Note:
      The annual expense may be converted during report generation if currency conversion is enabled. If aggregation is enabled and all criteria are met, contract expenses may also be combined into a provider‑level total.
    25. To edit the contract record, select it from the list and select Save after making your edits.
    26. To export contract records, select Export.
    27. To delete the contract record, select it from the list and select Delete.