What is DORA?
About This Lesson
In this introductory lesson, we'll explore the Digital Operational Resilience Act (DORA) and understand why it represents a fundamental shift in how the European financial sector approaches digital risk. You'll learn about the regulation's scope, objectives, and the key challenges it aims to address.
Video Transcript
Welcome to Module 1 of the DORA Fundamentals Certification. In this lesson, we're going to explore what DORA is and why it matters for financial institutions across Europe.
DORA, or the Digital Operational Resilience Act, is a comprehensive EU regulation that came into force in January 2023. It establishes uniform requirements for the security of network and information systems of financial entities and their critical ICT third-party service providers.
The regulation applies to a wide range of financial entities including credit institutions, payment institutions, investment firms, insurance and reinsurance undertakings, and many others. If your organization operates in the European financial sector, DORA likely applies to you.
DORA is built on five key pillars: ICT Risk Management, Incident Reporting, Digital Operational Resilience Testing, ICT Third-Party Risk Management, and Information Sharing. We'll explore each of these in detail throughout this course.