This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our PRIVACY POLICY for more information on the cookies we use and how to delete or block them.
Home > Industries > Financial services > DORA

  • DORA

DORA

New EU regulation on digital operational resilience of financial institutions

DORA is the EU's flagship initiative on digital operational and cyber resilience in the financial services sector. The aim is to strengthen the resilience of institutions to the digital threats that will dynamically evolve and to minimise the vulnerability of business models. The Regulation therefore introduces a single set of regulatory and supervisory rules for operational resilience of information and communication technologies in the financial sector. Among other things, it requires financial institutions to invest significantly in improving their resilience to digital and cyber risks.

 

                            What does this mean for the entity and how can BDO help?
Risk management framework     

To comply with DORA, banks will need to have robust risk management systems and processes in place. 

  • We will conduct a GAP analysis of compliance with regulatory requirements
  • We will assist with aligning business strategy with cyber risk management and maintaining a comprehensive and effective risk management framework
Incident reporting    

The aim of DORA is to harmonise incident classification and reporting processes. Early detection of incidents and rapid response are essential. 

What can BDO help with?

  • We will suggest how to adapt to the new EU rules in terms of reporting and align internal processes in this regard to optimise resource allocation.
Penetration testing of resilience    

What can BDO help with?

  • We perform vulnerability scanning and penetration testing. If necessary, we will perform robust business continuity and disaster recovery testing.
  • We will design and develop an appropriate solution, help with process integration and tool support to share information about these threats.
Third party risk management and monitoring    

Banks should assess whether their response and recovery strategies and plans adequately address the enhanced risk management rules 

What can BDO help with?

  • BDO's cybersecurity services are based on leading practices and driven by global regulatory requirements.
  • As a result, we can provide our clients with a holistic solution to manage complexities within third-party ecosystems.

 

Up next:
Hlavní kontaktní osoby
Tomáš Kubíček, Partner
Tomáš Kubíček
Partner
Prague - Chodov
Michael Kralert, Director
Michael Kralert
Director
Prague - Chodov