The Digital Operational Resilience Act (DORA) represents a significant shift in how financial organizations manage digital risks. For SMEs in the financial sector, this isn't just another compliance checkbox — it's a framework that calls for a fundamental rethink of digital operational resilience. What is the DORA register of information and why it matters The … Read more
The Digital Operational Resilience Act (DORA) requires the use of function identifiers (F keys) in schema 06.01, which seems simple at first — but quickly becomes complex. Managing these identifiers properly is critical for maintaining consistency across linked schemas like 02.02. Understanding function identifiers (F keys) In schema 06.01, each business function must be assigned … Read more
If you're preparing your DORA Register of Information submission, you need to understand the identifier requirements for ICT third-party providers in template B_05.01. The Implementing Technical Standards (ITS) on the DORA register of information requires valid identifiers for all ICT providers you report, including both direct providers and indirect suppliers in the service chain. Which … Read more
Discover the implications of the Digital Operational Resilience Act (DORA) for financial entities in our comprehensive document. With mandatory reporting for ICT third-party service providers set for
The Digital Operational Resilience Act (DORA) has a significant impact on the insurance sector. Insurers must comply with this new European regulation by January 17, 2025. In practice, insurers are working hard to meet these requirements. Practical support from the association The Dutch Association of Insurers has launched several initiatives to help insurers implement DORA … Read more
The challenge When completing the Digital Operational Resilience Act (DORA) information register, you must specify the type of each contractual arrangement: standalone, overarching, or subsequent/associated. This classification must be recorded in template RT.02.01, column RT.02.01.0020 'Type of contractual arrangement'. But how should you handle this for a typical ICT service where agreements are spread across … Read more
The purpose of RT.03 RT.03 is the cornerstone of mapping contractual relationships in your ICT service landscape. It’s designed to create a clear picture of who’s signing what, who’s providing services, and how these services flow within your organization or group. The ITS divides RT.03 into three essential templates, each serving a specific purpose in … Read more
Over the past few months, we've immersed ourselves in the complexities of the DORA register (Digital Operational Resilience Act). What is the DORA register? For those less familiar with the term: the DORA register is an essential component of European legislation aimed at strengthening the digital operational resilience of the financial sector. The DORA register … Read more
If you're grappling with the Digital Operational Resilience Act (DORA) register, you've probably wondered about the financial data requirements. What exactly do you need to report? And how can you make this data collection work smoothly? This article breaks down the specific reporting requirements, explains why they matter, and offers practical advice to help you … Read more
Core requirement: Know what you have DORA requires you to create and maintain a comprehensive inventory of all your digital assets. This isn’t optional – it’s a fundamental regulatory expectation that forms the foundation of your ICT risk management. Two types of assets you must track Information assets Any collection of information worth protecting (e.g., … Read more
