Digital Operational Resilience Act (DORA)
In November 2022, the Council of the European Union and the European Parliament formally adopted the Regulation (EU) 2022/2554 on Digital Operational Resilience Act for the financial sector (DORA). The DORA creates a binding comprehensive information and communication technology (ICT) risk management framework for the EU financial sector. The DORA establishes technical standards that financial entities and their critical third-party technology service providers must implement in their ICT systems on January 17, 2025.
To summarise, DORA is your ICT Risk Management Framework/
Dora encompasses 4 pillars:
-
ICT Risk Management
-
ICT Incident Management
-
Digital Testing
-
Third-Party Risk Management
DORA full scope requires to respond to 250 criteria.
Industry Standard Solutions
Scope Analysis
Determine the scope, Identify stakeholders and deliverables and assign deliverables to stakeholders
Compliance Tracker
Presentation of the results and the adherence scheme of the client ICT Risk Framework to the DORA requirements
Gap Analysis
Assess the gap between your current framework and requirements of DORA
Remediation
Presentation of a remediation action plan on governance and operational aspects