What are the 5 pillars of DORA?
In this clip from a recent webinar, HANDD’s Lead Solutions Architect Sam Malkin highlights the key pillars of DORA, focusing on ICT risk management, incident reporting, and third-party management. Articles 15, 16.3, and 18.3 are explored, outlining processes, incident classification, and third-party obligations.
View the clip and transcript below or watch the full webinar.
Transcript:
Sam Malkin: I just want to revisit those key pillars, again, to tell you which ones we are going to talk about today, and which ones are probably a July 17 kind of topic. So ICT risk management – that’s covered heavily in article 15 and 16.3. This is where we’re outlining our processes; a lot of what we should be doing with our systems and kind of IT generally is included in there. ICT incident reporting, as is article 18.3, and that’s where they’re starting to provide us with guidance on classification of incidents should they occur, you know, how big is an incident? Is it a major or minor, and who do I need to tell? And then our third-party management, which Matt’s already brought up. So article 28.10 talks about understanding our third-party obligations and recording our third-party outsourcing involvement, even as far as providing us with a templated asset register on how to record that information. So the bottom two, let’s pin those until July for now, but those are going to be operational resiliency testing. So if you’ve seen any of this stuff on LinkedIn, online, or Nick’s stuff, you know, you’ll have seen mentions of threat-led penetration testing, overall resiliency of your systems, all of that stuff, that’s another session. And similarly, information sharing – so who might I be able to share information with, what information with and how – 17th of July for those two.
Need support to achieve DORA compliance?
HANDD is experienced in helping banks and financial institutions navigate the complexities of new cyber regulation, and DORA is no exception. Our experienced team of cyber-risk specialists can help you find and identify non-compliant areas of your business in preparation for the full launch of DORA in 2025.
Book a call with our DORA Consultant: Call +44 (0)845 643 4063 or email marketing@handd.co.uk