DORA
DORA is the acronym for Digital Operational Resilience Act.
Digital Operational Resilience Act
An EU regulation aimed at ensuring the operational resilience of financial entities in the face of ICT (Information and Communications Technology) disruptions. It sets out requirements for managing ICT risk, incident reporting, and information sharing. DORA applies to a wide range of financial entities, including banks, insurance companies, and investment firms.
Key points about DORA:
- Risk management: Financial entities must identify, classify, and manage their ICT risks.
- Incident reporting: There are specific requirements for reporting major ICT-related incidents.
- Testing: Regular testing of ICT systems is required to ensure resilience.
- Third-party risk: DORA addresses risks associated with using third-party ICT service providers.
DORA is designed to strengthen the financial sector’s ability to withstand cyberattacks, technology failures, and other disruptions, ultimately contributing to financial stability.
- Abbreviation: DORA