This Regulation establishes standard templates for the purposes of the register of information, including information that is common to all contractual arrangements on the use of information and communication technology (ICT) services. Information gathered from the register of information is essential for (i) the financial entities’ internal ICT riskany reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment management, (ii) the effective supervision of the financial entitiesas defined in Article 2, points (a) to (t) by their competent authoritiesas defined in Article 46 and (iii) the establishment and conduct of oversight of the critical ICT third-party providers by the Lead Overseerthe European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation as well as the annual process to designate critical ICT third-party service providersan ICT third-party service provider designated as critical in accordance with Article 31 by the European Supervisory Authorities (ESAsEuropean Supervisory Authority).