Expediente DORA

Something a bit different for DORA Digest this month, as we launch DORA Talks – five episodes dedicated to talking about all things DORA. Shreeji Doshi, a director of cyber governance, risk and compliance (and editor of DORA Digest) met with experts from the worlds of banking, funds, risk management, and cyber security to get their different perspectives on what DORA’s impact will be.

All episodes are available now, each with fascinating insights for anyone interested in DORA and the wider issues of cyber risk management.

Starting over or from scratch is one way to approach DORA compliance – another option is to leverage existing tools to smooth your path to January 2025.

One of the most useful tools available is the recently updated Cybersecurity Framework from the US’s National Institute of Standards and Technology (the NIST CSF).

In the latest DORA Digest, Shreeji Doshi (Director, GRC Cyber Risk) explains how aligning DORA’s prescriptive requirements to this latest version of the NIST CSF can accelerate the DORA compliance process.

The purpose of this monthly DORA Digest is to outline what most of these organisations will need to do to achieve the desired results. With less than a year to go until DORA takes effect, the DORA compliance journey should be well mapped out by now. This month, we cover:  

• Understanding DORA requirements in more detail 
• How Thomas Murray’s DORA assessment questionnaire can help 
• Challenges that organisations are likely to face 

The countdown to the Digital Operational Resilience Act (DORA) has begun in earnest. With only one year to go, each month we’ll be looking at the key issues and events you need to be aware of as the final implementation date of 17 January 2025 approaches.  

In this first issue of the DORA DIGEST, we’ll be looking at why the regulation was created, what it is, who it affects, and suggestions for planning your journey to DORA compliance.