What is the DORA Regulation?
It is the Digital Operational Resilience Act (DORA), which aims to achieve a high level of digital operational resilience by establishing requirements relating to the security of information systems that support the processes of financial institutions.
This Regulation seeks to improve existing European Union rules on operational risk, particularly in relation to threats related to information and communication technologies (ICT). It also establishes specific technological guidelines for areas such as risk management, incident reporting, operational resilience testing, and monitoring of third-party risk.
PKF Attest the implementation of DORA
At PKF Attest, we offer services designed to facilitate compliance with the requirements established by DORA, providing comprehensive solutions that help organizations effectively adapt to its demands.
DORA compliance plan
A detailed compliance plan that addresses every facet of DORA compliance.
At PKF Attest, we offer comprehensive support to ensure your organization is ready to face the challenges of DORA. Our services include:
Independent Diagnosis (Gap Analysis)
Assessment of the current level of compliance with DORA.
Detailed Adaptation Plan
Specific actions to be implemented to ensure compliance with DORA.
Design and Development of Procedures and Controls
Including key areas such as IT Governance, ICT Risk Management, Incident Management, Business Continuity, Outsourcing, and Cloud Services.
Digital Operational Resilience Testing Assessment
Ensuring solid preparation to deal with potential disruptions.
Training and Awareness
Providing specialized training programs, including training for the Board of Directors in ICT risk management.
Internal Audits
We assist internal audit departments with technology-specialized auditors:
> We evaluate the Gap Analysis and the DORA compliance plan developed by the entity.
> We update our audit work programs to incorporate DORA requirements.
> We identify specific audits to verify correct implementation.
> We perform specific audits, including those that internal audit must address (such as evaluating the ICT risk management framework, reviewing comprehensive response and recovery plans, and evaluating ICT service providers).

DORA requires that these audits be performed by auditors specializing in Information Technology, a service that PKF Attest provides with excellence.
When does the Digital Operational Resilience (DORA) regulation come into effect?
On January 16, 2023, the DORA (Digital Operational Resilience Act) regulation came into force.
It is crucial to note that the deadline for implementing DORA expires on January 17, 2025. This regulation affects various financial sectors, such as banks, insurance companies, investment services companies, and credit rating agencies. Each entity must comply with substantial requirements, ranging from the implementation of an ICT risk management framework to intensified monitoring of cyber threats and the reporting of serious incidents.
The most secure digital revolution for financial institutions
DORA, a consistent incident reporting mechanism that reduces administrative burdens for financial institutions and raises awareness about cybersecurity.
Contact us
We help you implement the Digital Operational Resilience regulation.
It is time for protection, detection, containment, recovery, and repair in the face of ICT-related incidents.

