Digital Operational Resilience Act (DORA)
The European legislator has recognised the risks of cyber incidents in the financial sector and, with DORA, is creating a single regulatory framework for the management of risks associated with the use of information and communication technologies (ICT) and the handling of ICT incidents. The implementation deadline for DORA is 16 January 2025, and financial institutions and their ICT service providers that fall within the scope of DORA should take the necessary measures by then.
The latest legislative changes in the area of IT security have far-reaching implications for European companies. In addition to the Network and Information Security Directive (NIS-2), the focus is on DORA in particular. The legislator is thus extending the obligations of companies and organisations in the financial sector. They are now required to review their cyber security tools and implement the necessary measures for full compliance. We can support you with this!
Companies affected by DORA should take the necessary measures now
Not only financial service providers are required to implement the measures defined in DORA. DORA also introduces a framework for the supervision of critical ICT service providers in the financial sector. Providers of ICT services such as cloud computing services, software providers, data analysis services and data centres that (also) provide their services to financial institutions are thus also required to take further precautions with regard to risk and incident management.
The mandatory measures under DORA include, among other things
- Thorough assessment of the applicability of DORA to your organisation;
- Maturity assessment of existing processes and documentation, particularly with regard to the organisation of ICT risk and incident management as required by DORA (gap analysis);
- Definition of the necessary measures based on the measurement of the maturity level;
- Introduction and implementation of the defined measures.
Companies that already trust us
Our expertise is your advantage - get ready for DORA
Our experienced IT security and cybersecurity experts will advise you on the applicability check, the creation of an individual catalogue of obligations, the analysis of the current status of your cybersecurity processes and the comparison with the required measures according to DORA (gap analysis), as well as on the determination of necessary measures for full DORA compliance and support in the implementation of necessary measures.
Take the opportunity to strengthen your IT security and achieve your compliance goals
Make an appointment today for a free initial consultation to strengthen your IT security and achieve your compliance goals.
Ihr ISiCO-Experte für das Thema:
Dr. Jan Scharfenberg
Director Informationssicherheit
News zum Thema
Currently there are no news items.