<dora>
Digital Operational Resilience Act
Handbook for assessment and implementation
This handbook attempts to structure and simplify the requirements in the regulatory text, by offering summaries and actionable advice on how to assess and implement compliance, to support organisations currently working to implement the regulation – Happy reading!
- This document includes summaries of key points in the European Parliament regulation on digital operational resilience for the financial sector. Any summary will naturally omit some detail and nuance, but we have made our best attempt at staying true to the regulatory text and including what we have identified as the most important points.
- The requirements have been summarized from the perspective of most financial entities(referred to broadly as ‘organisations’) implementing the regulation. Special requirements concerning ‘microenterprises’, central securities depositories, etc. have not been included.
<dora>
Guidelines for ICT Risk Management
Handbook for assessment and implementation
DORA creates a regulatory framework on digital operational resilience, for all financial entities to make sure they can withstand, respond to, and recover from all types of ICT-related disruptions and threats. The proposed requirements are homogenous across the EU, with the aim of preventing and mitigating cyber threats.
- DORA introduces a series of new, more comprehensive requirements to establish solid frameworks for managing ICT risk.
- To enable organisations to effectively comply with the regulation, supplementary regulation has been published to further detail the regulators’ expectations regarding digital operational resilience.
- This guideline documents provides a summary of the main chapters in the RTS on risk management tools, methods, processes and policies, outlining key requirements and areas to prioritise in regulatory implementation.
