Digital Operational Resilience Act (DORA): Take a Licking and Keep on Ticking

The financial sector is only healthy if participating entities can withstand singular or simultaneous cyberattacks.

March 1, 2023 – An increasing number of cyberattacks have given cause for concern throughout the EU that financial entities are subject to systemic and concentration risk owing to the interconnectivity of the financial markets. To address these concerns, the European Commission, the European Council Presidency, and the European Parliament collaborated to build a framework for financial institutions and service providers. DORA is an act like no other. It will force financial entities to take operational resiliency and business continuity seriously and understand operational discontinuity down to the customer level and throughout the ICT service model.

This Impact Report is designed to guide CISOs and those responsible for operational resilience to plan accordingly to the requirements and deadlines of DORA. This report is based on Aite-Novarica Group’s analysis of the 258 pages of the Digital Operational Resilience Act (DORA) published in the Official Journal of the European Union as Regulation (EU) 2022/2554. The analysis focused on specific requirements that financial entities should address before the 2025 deadline.

Clients of Aite-Novarica Group’s Cybersecurity service can download this report.

This report mentions the Basel Committee, BNP Paribas, European Union Agency for Cybersecurity (ENISA), European Commission, European Parliament, European Systemic Risk Board (ESRB), Financial Conduct Authority (FCA), International Consortium for Organizational Resilience (ICOR), ION, International Organization for Standardization (ISO), and Prudential Regulatory Authority (PRA).

Related Content

Business Continuity Planning and Disaster Recovery: CIO Checklist

The importance of well-documented and tested business continuity and disaster recovery plans has reached a new level of priority with insurers.  

Payment Processing Resiliency: A Study on Strategies and Experiences

Open banking, regulatory changes, and customer expectations are rapidly compelling organizations to improve payment processing resiliency approaches.  

Incident Response Retainer Services: Responding to the Scene of the Crime

The damage caused by data breaches has wide-ranging effects on financial services firms, making IR programs crucial.

Get Summary Report

"*" indicates required fields

This field is for validation purposes and should be left unchanged.