DORA – What you need to know

The purpose of the EU’s new Digital Operational Resilience Act (DORA) is to ensure the safety and security of the financial sector’s digital infrastructure. DORA outlines a framework of rules and requirements for financial institutions, market infrastructure providers, and digital service providers. Here are the top things organisations need to know about DORA. 

  1. Scope and Coverage – DORA aims to strengthen the digital operational resilience of the entire financial sector. This includes payment service providers, digital asset service providers, and market infrastructure providers, among others. 
  2. Cybersecurity and IT Risk Management – Organisations need to have robust cybersecurity and IT risk management frameworks that ensure the safety and security of their digital systems and services. DORA emphasises the need for risk-based cybersecurity practices and threat intelligence sharing. 
  3. Incident Reporting – DORA mandates that organisations report significant incidents to relevant authorities. DORA aims to create a unified reporting system that enhances coordination and information sharing between financial institutions, market infrastructure providers, and digital service providers. 
  4. Outsourcing and Third-party Risk Management – DORA emphasises the need for organisations to assess, manage, and monitor the risks associated with outsourcing digital services to third-party providers. It recommends that organisations conduct due diligence assessments before outsourcing services. 
  5. Business Continuity Management – The proposal requires organisations to have effective business continuity management plans in place to ensure that they can withstand and recover from significant operational disruptions. 
  6. Testing and Scenario Planning – DORA emphasises the importance of regular testing and scenario planning to assess an organisation’s resilience to various operational risks, including cyber threats, technology failures, and natural disasters. 
  7. Supervision and Oversight – National supervisory authorities will have a supervisory role in ensuring that organisations comply with the new rules and requirements.  
  8. Incident Response and Remediation – Organisations should have effective incident response plans in place to detect, respond to, and remediate significant incidents. DORA emphasises the importance of cooperation and coordination between organisations and relevant authorities in incident response and remediation efforts. 

In conclusion, the Digital Operational Resilience Act is a comprehensive framework of rules and requirements aimed at ensuring that the digital infrastructure of the financial sector is safe and secure. Applicable from 17th January 2025, organisations will need to assess their digital operational resilience against the requirements and take appropriate measures to comply with the new rules.  

If you would like to know more about how to streamline your risk and compliance needs, contact us or request a free tailored demo today.

 
