Digital Operational Resilience [Act] for the financial sector or ‘DORA’ is a proposed European Parliament Act aimed at laying down uniform requirements concerning the security of network and information systems supporting the business processes of financial entities, with a view to achieving a high-level of digital operational resilience within the financial sector.

The key requirements and considerations encapsulated within DORA are:

1. Governance
2. ICT risk management
3. ICT incident reporting
4. Digital operational resilience testing
5. Information sharing

To ensure consistency around the Information and Communication Technologies (ICT) risk management requirements applicable to the financial sector, the proposed regulation will cover a range of financial entities regulated at union level.

It is envisioned that such coverage will facilitate a homogenous and coherent application of all the components of the risk management on ICT-related areas while safeguarding the level playing field among financial entities in respect of their regulatory obligations on ICT risk.

A&M’s experienced professionals can support organisations through a three-step journey as they look to align against the proposed DORA requirements.

How A&M can help?

A&M’s Financial Services experts can assist in mobilisation, implementation strategies and quality assurance for complying with the Guidelines in a manner which is proportionate for your firm.