The Digital Operational Resilience Act 

The Digital Operational Resilience Act (DORA) presents a pivotal moment to assess and fortify your ICT risk management practices, ensure they firmly underpin your business – safeguarding it against disruptions and cyber threats.

Latest Insights

Joint-ESAs Public Event on DORA 2024 dry-run on collection of registers of information

The ESAs and the competent authorities are introducing this voluntary exercise

Now is the Time to Act

DORA is a significant EU legislation that came into force on January 16, 2023 and will be applicable from January 17, 2025.  It strengthens the digital operational resilience of the financial sector, ensuring robustness against cyber threats and disruptions.

DORA aims to standardise and enhance Information Communication Technology (ICT) security and create a streamlined digital framework throughout the European Union.  It will ensure that the European financial sector remains resilient even during severe operational disruptions.

DORA DEADLINE – 17 JANUARY 2025

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

DM Dora TimeLine vert v9

Overcoming Challenges of DORA 

DORA encompasses 5 core pillars, each addressing critical aspects within ICT and cybersecurity for financial entities:

ICT Risk Management

This pillar focuses on establishing robust processes to minimise the impact of ICT risks.  Financial entities are required to provide proof of internal governance and control frameworks to effectively manage all ICT risks. DORA places significant emphasis on  management responsibility for digital operational resilience and the need for a comprehensive ICT risk management framework.

Digital Operational Resilience Testing

Financial entities are required to conduct both basic and advanced resilience testing of their ICT framework on a regular basis, including involvement of internal audit. Testing ensures readiness to withstand disruptions and threats – contributing to overall operational resilience.

p

Information and Intelligence Sharing

Collaboration and exchange of information on cyber threats are essential. DORA provides a framework for effective information-sharing of cyber threats and intelligence amongst financial entities, outlining specific requirements for processes and systems to defend against them.

ICT-related Incident Reporting

DORA emphasises the importance of reporting and managing ICT-related incidents. Entities must report major incidents to competent authorities, enhancing transparency and response capabilities.

ICT Third Party Risk

DORA addresses risks associated with third party service providers. Entities must monitor and manage third-party risks effectively, ensuring the security of outsourced services.  This also includes review and potential renegotiation of contractual arrangements.

Compliance Obligations

Since its enactment on January 16, 2023, DORA has been a pivotal force in shaping the EU’s digital finance landscape.  Beyond financial resilience, it scrutinises an entity’s ability to navigate and recover from ICT-related disruptions and risks. DORA introduces new compliance obligations across the entire EU financial sector, emphasising operational robustness and preparedness.

Download our “DORA – Practical Guidance” and “DORA Readiness Scan” today.  Achieve full compliance before the deadline of January 17, 2025.  Strengthen your operational resilience with DM’s expert support.

How DM Can Help You

At DM, our multi-disciplinary teams blend technology expertise, cybersecurity insights, regulatory compliance expertise, project management and ICT risk management.  Our expertise will empower your organisation to enhance operational resilience and ensure DORA compliance.  We tailor solutions to your organisation and use strategic roadmaps to guide you with actionable steps.  Our results-driven approach ensures effective implementation.

Preparation

DM Preperation

Implementation

DM Impementation

Maintenance

DM Maitenance

Clients We Serve for DORA

DM Dora clients image

As a trusted advisor, DM manages the implementation of the EU’s Digital Operational Resilience Act (DORA) within a diverse range entities and groups, including AIFM’s, UCITS, financial entities in a group structure, pension fund and centralised IT-departments of financial entities. Our involvement for these companies include;

  • Conducting comprehensive reviews, thematic audits, GAP analyses, ICT risk assessments and readiness quick scans for the European branches of a prominent global trust fund company headquartered in the USA. Our active involvement spans Ireland and Luxembourg providing actionable insights to enhance the company’s overall performance, risk management and compliance.
  • Managing the implementation of DORA (project management) within a group structure involving asset and fund management services across Europe, private wealth management and a pension fund. Our involvement includes performing ICT risk assessments, applying good practices, designing templates, and the development of Digital Operational Resilience strategies.
  • We serve as hands-on sparring partners and project managers for DORA implementation in a European real estate investment and asset management company, as well as an asset, capital, and investment management firm. Our expertise ensures data security, privacy, compliance, and seamless operational integration.

Preparing for DORA

At DM, our commitment to clients goes beyond conventional solutions. We actively collaborate with organisations, preparing them for Digital Operational Resilience Act (DORA) implementation. Through these partnerships, we’ve gained valuable insights into the unique challenges faced by organisations striving to enhance their ICT risk management, conduct critical ICT systems testing, and fortify internal digital operational resilience while ensuring legal compliance.

Our Value Proposition: Assurance and Advisory

Assurancewe provide confidence through rigorous assessments and audits.  Our approach ensures compliance and risk mitigation

Advisorywe design and implement sustainable solutions collaboratively.  Our advisory and project management services guide you towards resilience and excellence

We understand that achieving and maintaining resilience is a continuous process. Let DM assist you to navigate the complexities of DORA.

DM Doing More
DM Doing More
DM Doing More
DM Doing More
DM Doing More
DM Doing More

Related Publications

DORA Triggers Internal Audit

Sharing knowledge, updates and changes regarding the latest developments of DORA

DM Knowledge Outsourcing

Highlighting the most important elements to consider when assessing your organisation’s outsourcing setup

Contact us

DM Richard Frehé

Richard Frehé

Managing Director, Consulting

DM Martin Stravers

Martin Stravers

Managing Director, Assurance

To find out how we can Do More for you, please complete the following form and we will be in touch.

3 + 13 =