Gatekeeper Podcasts

Everything You Need to Know About DORA

Written by Daniel Barnes | May 22, 2024 10:43:12 AM

We dive deep into the Digital Operational Resilience Act with Liam Mckenna, Partner at Mazars and Austin Kelly from Mazars. If you would like to work with Liam and Austin, please reach out to them here.

 

DORA (Digital Operational Resilience Act) is a new regulation that aims to address the increased digital risk organisations face. It focuses on five key pillars, including ICT risk management, incident management and reporting, digital operation resilience testing, and third-party risk. Non-compliance with DORA can damage an organisation's relationship with regulators and lead to remediation programs and penalties. Organisations need to start preparing for DORA compliance by scoping the project, conducting a gap analysis, developing a roadmap, and implementing mitigation actions. Key challenges include weaknesses in IT risk management, lack of asset management, and the need for standardised contract clauses. Organisations should take DORA seriously and not just treat it as a compliance project. They should invest in ongoing risk assessments, engage with third parties, and commit to implementing robust controls.

Key Takeaways

-DORA is a new regulation that addresses the increased digital risk faced by organisations

-It focuses on five key pillars: ICT risk management, incident management and reporting, digital operation resilience testing, and third-party risk

-Non-compliance with DORA can damage an organisation's relationship with regulators and lead to penalties.

-Organisations must start preparing for DORA compliance by scoping the project, conducting a gap analysis, developing a roadmap, and implementing mitigation actions. Challenges include weaknesses in IT risk management, lack of asset management, and the need for standardised contract clauses

-Organisations should take DORA seriously, invest in ongoing risk assessments, engage with third parties, and commit to implementing robust controls

Chapters

00:00 Introduction

00:55 Overview of DORA

06:09 Non-Compliance and Penalties

09:44 Preparing for DORA Compliance

13:16 Challenges in DORA Compliance

25:25 Key Considerations and Conclusion