Increased digitization and interconnectedness amplifies the ICT risk. Society as a whole and the financial system in particular therefore become more vulnerable to cyber threats and ICT disruptions. DORA must thus ensure that more is done with the digital resilience of financial entities. At the same time, the digital resilience must be integrated into the units' wider operational framework.
Ultimately, DORA is about trust. The existing high level of interconnectedness among financial entities, financial markets and financial market infrastructures, and in particular the interconnectedness of their ICT systems, may constitute a systemic vulnerability. Localized cyber incidents can quickly spread from one of the approx. 22 000 financial entities in the Union to the entire financial system, unhindered by geographical borders. Serious ICT breaches in the financial sector do not only affect financial entities in isolation. They also pave the way for the spread of localized vulnerabilities across the financial transmission channels and trigger potentially negative consequences for the stability of the EU financial system such as the creation of liquidity outflows and a general loss of confidence and trust in financial markets.
By consolidating and upgrading the various rules on ICT risks, all provisions on digital risk in the financial sector are for the first time brought together in a consistent manner in a single legislative act. With DORA, financial entities must follow the same approach and principles-based rules when dealing with ICT risk, taking into account their size and overall risk profile, as well as the nature, scale and complexity of their services, activities and operations.
You can read the entire regulation as well as the delegated and implementing acts by clicking here .
Management must be able to plan, manage and control the organisation's efforts to comply with DORA. That is why we have turned DORA into a checklist so that your cyber and information security efforts are optimized in relation to keeping hackers out, costs down and management's personal responsibility at the door.
Take 2 minutes to see and hear Jacob Naur tell us briefly about DORA and the checklist.
When you have downloaded the checklist, you can see the tasks under DORA in the left column of the checklist. Each article in DORA is thus translated into the concrete tasks that must be solved by your cyber and information security efforts. In the right column, you describe your existing and planned efforts in the area. The result is a long series of ticks that you get to set, but there will probably also be DORA tasks that you cannot solve with either the existing or planned efforts.
Get the checklist sent immediately by click here.
In other words, if you use the checklist, you will be able to create a maturity report for the management, so that it becomes visible whether you are on the right track, or whether you need to supplement with new measures to get the final ticks off, depending on your risk appetite.
When you have gone through the checklist, in other words, you also have a maturity assessment, which is suitable to be included in your reporting to the management about the DORA effort.
Book a workshop, then we will come out and run through the checklist with you. Regardless of whether you have not started at all, or perhaps you have been in business for a while, we can help you to get an overview that can be communicated effectively to the management.
Feel a little special and sign up Unitas' newsletter. Get very special offers and news that are not widely available on social media.
Feel a little special and sign up Unitas' newsletter. Get very special offers and news that are not widely available on social media.