ICT Risk Management – Ariadnah Solutions

March 12, 2026September 23, 2025 by Ariadnah Solutions

The Problem: When Technology and Regulation Collide The DORA register of information is central to the new European legislation for digital operational resilience. Financial institutions must map and report their complete ICT supplier landscape. However, there's a fundamental problem: the register's technical data model doesn't support a risk-based approach, while DORA specifically prescribes this. Binary … Read more

illustrative example: business functions of a venture capital fund manager

March 12, 2026August 26, 2025 by Ariadnah Solutions

Defining business functions is a central requirement under the Digital Operational Resilience Act (DORA). As part of building your ICT risk management framework, you must identify the business functions your organization performs, determine their criticality, and map their dependencies. This exercise is essential because functions are the anchor point for risk assessment, impact analysis, and … Read more

Business functions in DORA; The cornerstone of your ICT Risk management

March 12, 2026August 26, 2025 by Ariadnah Solutions

Business functions are the cornerstone of your entire ICT risk management framework. Think of it as creating a blueprint of your organization, you need to know what you do (functions), what's essential (criticality), and what each function needs to operate (dependencies). Without this map, you're managing ICT risks blindfolded. 1. What are business functions? In … Read more

DORA Asset Management: What regulators expect

March 12, 2026July 17, 2025 by Ariadnah Solutions

Core requirement: Know what you have DORA requires you to create and maintain a comprehensive inventory of all your digital assets. This isn’t optional – it’s a fundamental regulatory expectation that forms the foundation of your ICT risk management. Two types of assets you must track Information assets Any collection of information worth protecting (e.g., … Read more