Compliance · DORA

DORA

The EU Digital Operational Resilience Act: binding ICT risk and resilience requirements for financial entities and their critical ICT third parties.

Book a call Take the 2-minute readiness check
A person signing a document at a desk
01

What it is

Five pillars of operational resilience.

DORA spans ICT risk management, incident reporting, digital operational resilience testing, ICT third-party risk, and information sharing.

It applies to EU financial entities and their critical ICT service providers, and UK companies with EU operations or clients can find themselves in scope.

02

Who needs it

Financial entities and the companies that supply them.

In-scope financial entities, plus the ICT providers they depend on, where resilience obligations now pass through contractually.

03

How we help

From gap to evidenced resilience.

  • Gap assessment against each of the five pillars
  • Build or strengthen the ICT risk-management framework
  • Stand up the Article 28 third-party register that survives a regulator review
  • Resilience testing readiness and the evidence to back it up

Working out what DORA means for you?

Bring your situation; we’ll tell you honestly where you stand against the five pillars.

Book a call