An SES Guide to DORA (Digital Operational Resilience Act)

Published on 19/12/2024

In under a month, the Digital Operational Resilience Act (DORA) will be enforced in the EU Finance Sector. The regulation will officially apply as of the 17th of January 2025. As DORA is a major EU-level regulation, it's essential for organisations to provide evidence of adhering to DORA's guidelines.

What is DORA?

DORA is an EU regulation designed to improve the level of IT security of financial entities, such as banks, investment firms, and insurance firms. The implementation of DORA is set to help the finance sector become more resilient and better prepared when faced with unexpected events and disruption (e.g., a bank’s software supplier encountering maintenance issues).

How Will DORA Transform the EU Finance Sector?

Prior to DORA’s introduction, existing risk mitigation laws and regulations in the EU finance sector mainly addressed whether financial entities had sufficient capital to cover operational risks. However, it became clear that these regulations applied to different financial entities in varied ways. In response to this, DORA’s role as an EU-level risk management and operational resilience regulation aims to harmonise the approach to ICT risk mitigation across the whole EU finance sector.

Which Aspects of the EU Finance Sector Will DORA Change?

Essentially, DORA will cover 6 areas:

  • ICT Risk Management
  • ICT Third-Party Risk Management
  • Digital Operational Resilience Testing
  • ICT-Related Incidents
  • Information Sharing
  • Oversight of Critical Third-Party Providers

Will DORA Impact UK Businesses?

A misconception surrounding DORA is that it does not affect UK businesses. However, whilst DORA is an EU regulation, if you are a UK-based business supplying to the EU or working with an EU supplier, you must comply with the Digital Operational Resilience Act.

Earlier this year, our Account Directors, Tom and Darragh, appeared on a podcast with MCR-SEO. In the podcast episode, they took a deep dive into DORA and what it means for organisations, both in the EU and the UK.

SES Are Here To Help

Over the past 25 years, we’ve helped over 3,000 customers across 45+ countries. Our team’s expertise means we are well equipped to assist organisations with regulatory compliance. If you’d like to arrange a chat with one of our experts, please don’t hesitate to get in touch.

If you have any questions or would like to arrange a DORA specific consultation, please get in touch.

0161 488 1400
