To facilitate ICT-related incidentsmeans a single event or a series of linked events unplanned by the financial entity that compromises the security of the network and information systems, and have an adverse impact on the availability, authenticity, integrity or confidentiality of data, or on the services provided by the financial entity; detection, financial entitiesas defined in Article 2, points (a) to (t) should retain evidence of those incidents. To ensure, on the one hand, that such evidence is retained sufficiently long and to avoid, on the other hand, an excessive regulatory burden, financial entitiesas defined in Article 2, points (a) to (t) should determine the retention period considering, among other things, the criticality of the data and retention requirements stemming from Union law.