Crisam Logo
  • CRISAM®
    CRISAM®
    • What is CRISAM®?
    • Method
    • Content
    • Continuing education
    • Events
    • Customers
    • Webinars
  • Areas of application
    Areas of application
    • Information Security Management
    • Integrated Risk Management
    • Data Protection Management
    • Internal Control System & Audit Management
    • Business Continuity Management
    • Project Risk Management
    • CRISAM® Legal Hold Software
    • CRISAM® Compliance powered by Deloitte
    • ESG
    • DORA
    • Compliance Management
    • Tax Compliance Management System
    • Global Internal Audit Standards
    • SAT legal cadastre module
    • Approvals & Disclosures Workflow Software
    • Conflicts of Interest Software
  • Industries
    Industries
    • Automotive
    • Energy
    • Health
    • Manufacturing
    • Finance
    • Trade
    • Real Estate & Construction Industry
    • Broadcasting & Telecommunications
    • Technology
    • Transport & Logistics
  • More
    More
    • Download Center
    • News
    • CRISAM® Partner
    • CRISAM® Academy
    • Jobs
    • Contact
  • en
    • de
Request
  • Language
    • de
  • CRISAM®
    • What is CRISAM®?
    • Method
    • Content
    • Continuing education
    • Events
    • Customers
    • Webinars
  • Areas of application
    • Information Security Management
    • Integrated Risk Management
    • Data Protection Management
    • Internal Control System & Audit Management
    • Business Continuity Management
    • Project Risk Management
    • CRISAM® Legal Hold Software
    • CRISAM® Compliance powered by Deloitte
    • ESG
    • DORA
    • Compliance Management
    • Tax Compliance Management System
    • Global Internal Audit Standards
    • SAT legal cadastre module
    • Approvals & Disclosures Workflow Software
    • Conflicts of Interest Software
  • Industries
    • Automotive
    • Energy
    • Health
    • Manufacturing
    • Finance
    • Trade
    • Real Estate & Construction Industry
    • Broadcasting & Telecommunications
    • Technology
    • Transport & Logistics
  • More
    • Download Center
    • News
    • CRISAM® Partner
    • CRISAM® Academy
    • Jobs
    • Contact
  • Request
Visualisierung des Digital Operational Resilience Act (DORA) für den Finanzsektor.

DORA - Digital Operational Resilience Act

DORA, the Digital Operational Resilience Act, is relevant for information and communication technologies in the financial sector. With CRISAM®, implementation is straightforward.

Book a demo appointment now

What’s DORA?

The Digital Operational Resilience Act (DORA), or Regulation (EU) 2022/2554 of the European Parliament and of the Council, includes regulations for information and communication technologies (ICT) across the entire financial sector. DORA will be applied starting from January 17, 2025.

Who is affected?

The new regulation affects two types of entities. On one hand, the entire financial sector, such as credit institutions, insurance, and reinsurance companies. On the other hand, ICT third-party service providers that offer ICT services and enter into specific contracts with financial companies.

Are you one of the affected companies?

The affected companies are categorized by size based on various criteria. DORA defines the four company sizes according to the number of employees and the annual turnover or balance sheet total.

Micro-enterprises

A financial company that is not a trading venue, central counterparty, trade repository, or central securities depository, employs fewer than ten people, and has an annual turnover or balance sheet total not exceeding EUR 2 million.

Small enterprises

A financial company that employs 10 or more but fewer than 50 people and has an annual turnover or balance sheet total exceeding EUR 2 million but not exceeding EUR 10 million.

Medium-sized enterprises

A financial company that is not a small enterprise, employs fewer than 250 people, and has an annual turnover not exceeding EUR 50 million and/or an annual balance sheet total not exceeding EUR 43 million.

Large enterprises

Large enterprises include all financial companies that do not fall under the definition of micro, small, or medium-sized enterprises. They employ more than 250 people and have an annual turnover exceeding EUR 50 million and/or an annual balance sheet total exceeding EUR 43 million.

What’s the goal of DORA?

DORA standardizes and updates various national regulations and laws. Its goal is to create a high common level of ICT security for the EU’s financial sector, embedded within a modernized legal framework. Additionally, it includes specific requirements for implementing security measures. DORA is based on four pillars or thematic areas:

  • ICT Risk Management
  • Handling of ICT Incidents
  • ICT Security Testing
  • Oversight of Critical ICT Third-Party Service Providers

In addition to DORA, various regulations have been updated to align with it.

In collaboration with metafinanz Informationssysteme GmbH, we have developed a requirements catalog for the different chapters of DORA and incorporated it into the CRISAM® methodology. The compliance questions for the articles were organized into thematic modules. Additionally, we support compliance with the drafts of the Regulatory Technical Standards (RTS) and the drafts of the Implementing Technical Standards (ITS).

Reporting

Compliance with Regulation (EU) 2022/2554 is calculated based on the completion of the requirements catalog. By dividing DORA articles into multiple requirements, it is possible to identify and address deviations systematically. Additionally, CRISAM® offers this compliance check for the current RTS and ITS as well.

We’d be happy to demonstrate it for you!

CRISAM

No risk - let's just stay in touch!

Telefonsymbol in grün für Kontaktaufnahme.
Phone

+43 (0)732 601 216-0

Umschlag-Icon in grün, das den Versand von E-Mails symbolisiert.
E-Mail

office@crisam.net

Papierflieger in grün, der die Versandoption für E-Mails symbolisiert.
Newsletter

Register now

CRISAM GRC Software
Darstellung eines Trends im Risikomanagement

CALPANA business consulting GmbH

Blumauerstr. 43

4020 Linz, Austria

+43 (0)732 601 216-0 sales@crisam.net

CALPANA business consulting Deutschland GmbH

Paul-Dessau-Str. 1

22761 Hamburg, Germany

+49 (40) 35 98 29 21 sales@crisam.net

CALPANA business consulting GmbH

Blumauerstr. 43

4020 Linz, Austria

+43 (0)732 601 216-0 sales@crisam.net

CALPANA business consulting Deutschland GmbH

Paul-Dessau-Str. 1

22761 Hamburg, Germany

+49 (40) 35 98 29 21 sales@crisam.net
CRISAM®
  • What is CRISAM?
  • CRISAM® Method
  • CRISAM® Content
  • Events
  • Continuing education
Operational area
  • Information Security Management
  • Data Protection Management
  • Integrated Risk Management
  • Internal Control System & Audit Management
  • Business Continuity Management
  • Project Risk Management
Industries
  • Automotive
  • Energy
  • Health
More
  • Download Center
  • CRISAM® Partner
  • News
  • Contact

© 2023 CALPANA business consulting GmbH. All rights reserved.

  • Imprint
  • Privacy
linkedin
xing