DORA is a cross-sectoral regulation that applies to more than 20 different types of financial entities and to more than twice that number of competent authorities (CAs). To ensure a cross-sectoral, proportionate and harmonized approach in developing the level 2 legislation, the ESAs have decided to constitute the Joint Committee Sub-Committee on Digital Operational Resilience (JC SC DOR) to contribute to and coordinate, where needed, the ESAs' input to the EU regulatory process relating to digital operational resilience.
More than 50 authorities, including national authorities, the European Central Bank and ENISA, take part in the joint work on the development of the policy products mandated by DORA.
As a measure to enhance the overall digital operational resilience of the EU financial sector, on 27 December 2022, the Digital Operational Resilience Act (DORA) was published in the Official Journal of the European Union and entered into force on 16 January 2023. DORA will apply from 17 January 2025.
DORA harmonises the rules relating to operational resilience for the financial sector. It applies to 21 different types of financial entities and covers important topics such as:
- ICT risk management;
- ICT incident management and reporting;
- Testing of the operational resilience of ICT systems;
- The management of ICT third party risks.

Furthermore, DORA is lex specialis to the NIS Directive and to Article 11 and Chapters III, IV and VI of the CER Directive.
Our DORA compliance services assist you in complying with the proposed EU regulation on operational resilience for financial institutions, which aims to ensure that firms are able to withstand and recover from cyber incidents, IT failures, and other operational disruptions. We can help you assess your operational risks, develop and test your resilience plans, and monitor and report on your resilience metrics. Contact us today for more information.