Welcome, Guest

DORA: Digital Operational Resilience for EU Financial Entities

Overview

A 5-module decision-based scenario course covering the Digital Operational Resilience Act (Regulation (EU) 2022/2554). The learner manages an ICT incident classification, builds and audits a third-party register, runs a threat-led penetration test (TLPT), executes an exit strategy, and faces a supervisory examination. Approximately 120 minutes total. Course delivered in English.

Target Audience:

ICT risk managers, third-party risk officers, CISOs, compliance leads, and operational resilience teams at EU credit institutions, payment institutions, investment firms, insurance undertakings, crypto-asset service providers, and other financial entities under DORA scope

Features and USPs:

Stakeholder HUD with live credibility scoring across regulator, clients, board, and vendor. Document redline review for the Article 28 register. Inline calibration micro checks. Threat-led penetration test (TLPT) decision tree. Legally reviewed by qualified EU counsel.

Learning Objectives:

  • Classify an ICT incident under Article 18 and decide reporting trigger
  • Maintain a DORA-compliant third-party register meeting Article 28 standards
  • Scope and run a threat-led penetration test under Article 26
  • Plan and execute an Article 28(8) exit strategy from a critical ICT third party
  • Engage with a Lead Overseer or competent authority during examination