An interdisciplinary approach between firms and their service providers is crucial to successfully "tame" DORA says PJ Di Giammarino of JWG.
EU DORA RTS - ICT risk management framework
Specifies the requirements for ICT security policies, procedures, protocols and tools. Sets out the simplified ICT risk management framework intended to ensure some flexibility in complying with DORA requirements is available to financial entities depending on their particular size, structure, internal organization and in the nature and complexity of their activities.
Notable
Latest News
Notable
Managing ICT third-party risk under DORA
Requirements imposed on financial services institutions when procuring ICT services from third parties - regulation and best practice.
Your DORA questions answered – Business resilience more broadly
This fifth of a series of articles covering a practical session organised by Ashurst focuses on business resilience questions connected to DORA.
Latest News
More on DORA
-
Key compliance takeaways from Norway’s ROS 2026
Norway’s financial infrastructure remains resilient, but rising cyber threats, third-party dependencies, and operational risks are rapidly changing the landscape.
-
EU supervisors highlight DORA, sustainable finance, and cross-sectoral risks in 2025 annual report
Joint Committee report underlines cyber risks, ESG data, and consumer protection as core compliance priorities.
-
The next question for EU’s digital rulebook
While the digital omnibuses simplify rules, the Commission's Digital Fitness Check assesses the coherence of the EU digital rulebook.
-
Operational resilience key to business survival, Insight says
AI has been the catalyst for an infrastructure rethink.
-
EU Commission proposals on digital sovereignty and high-risk vendors
Regulation to push European businesses and third-country suppliers to consider potential exposure to government influence when assessing their technology vendor relationships.
-
DFSA consults on new operational resilience framework
Proposals reflect established international approaches to operational resilience and will be familiar to Authorized Firms that are already subject to regimes in the UK and EU.
-
Morten Drægni on how the Nordic Financial CERT is building its region's cyber resilience
In a challenging cybersecurity landscape, the organization’s role today has never been more relevant.
-
Financial regulation 2.0: What EU regulatory evolution means for practitioners
Regulation targeting the financial sector continues to evolve. We explore the EU's future approach, where reforms are balanced with core safeguards – alongside perspectives from other key markets for the Nordic and Baltic region.