Get Ready for DORA
Karer Consulting combines theoretical and practical knowledge for assessing and implementing DORA requirements.
As a TRUSTED ADVISOR, we will guide YOU through the assessments and the implementation process. Whether banking or insurance processes, we have experience in both. We can also integrate further regulations (e.g., EBA) if wished or needed.
- With the assessment we identify strategic and operative gaps. Concrete projects and measures will be defined and prioritized, and will be allocated to a DORA Roadmap.
- Projects and measures are implemented according to the DORA Roadmap. Karer Consulting will guide you through every step of implementation with current best practices and its nearly 30 years of experience in IT Service Management.
DORA at a Glance
DORA – the Digital Operational Resilience Act – is a European Union regulation aimed at enhancing the digital resilience of the financial sector.
DORA aims to ensure that financial entities can withstand, respond to, and recover from all types of Information and Communication Technology (ICT) disruptions and threats in a synchronized way.
DORA is crucial for safeguarding the integrity and stability of the financial system in the EU in the face of increasing cyber threats. Compliance will help prevent financial disruptions and enhance trust in digital financial services.
Financial entities are expected to comply with DORA requirements by January 2025.
Is my company in scope of DORA?
The requirements of the regulation apply to financial service providers and to third-party ICT service providers that have contracts with those financial companies. The scope of DORA defines 20 different types of financial service providers (exceptions could apply).
Please get in touch with us for further information.
DORA Key Aspects – What are the main fields of action?
In light of DORA, four major fields of action are defined for fulfilling the compliance requirements.
- ICT-Risk Management
- ICT-related incidents & management
- Testing of digital resilience
- Management of third-party risks
DORA and ITSM
Karer Consulting recommends closing gaps from the regulation through proper IT Service Management. To do so, we use standardized assessments for defining ITSM maturity and identifying DORA gaps.
Requirements from DORA can be fulfilled with adjustments to (or introduction of) IT service management on the IT service provider side. ITIL as industry best practice provides an appropriate framework for this.
DORA addresses requirements for many IT services and ITSM processes:
- Service Configuration and IT Asset Management | Change Management
- IT Service Continuity Management | Security Management
- Major Incident Management | IT Risk- & Knowledge Management
- Service Validation and Testing | Supplier Management | Measuring and Reporting
Our Approach
Karer Consulting will guide you through the assessment and implementation process. The assessments are split into two parts: interviews and workshops with various stakeholders across the board, to ensure compliance in day-to-day business, and a process and documentation review, to cover the legal compliance required by DORA.
From this, projects and measures for the implementation are derived. Karer Consulting accompanies the implementation of prioritized projects and actions.
By following this approach, we ensure that compliance with DORA can be achieved.