Information and cyber security management

Compliance assessment for security of networks and information systems according to the DORA regulation requirements

Service

Regulation of the European Parliament and of the Council on digital operational resilience for the financial sector (EU) 2020/0266 (hereinafter – DORA) entered into force on and will apply as of . The DORA regulation establishes uniform security requirements for networks and information systems for EU financial sector entities – banks, investment companies, insurance companies, credit institutions, etc. (hereinafter – Organizations).

Organizations falling within the scope of the DORA regulation must take appropriate and proportionate security measures to ensure operational processes, manage security risks and incidents arising from networks and information systems, and carry out resilience testing of digital operations.

Organizations must implement appropriate technical and organizational information and communication technology (ICT) and security risk management measures to ensure a level of security commensurate with the risk. If the requirements of the DORA regulation are not properly implemented, the organization’s license to engage in financial activities may be revoked, and in the event of a personal data breach, administrative fines may be imposed in accordance with GDPR provisions, which may reach up to 2 – 4% of the total annual worldwide turnover of the preceding financial year, or up to EUR 20 000 000.

Organizations can prepare for the implementation of the requirements of the DORA regulation independently or use our service: preparation for the Regulation of the European Parliament and of the Council on digital operational resilience for the financial sector (DORA).

Progress

  • We gather and assess evidence and information
  • We identify non-compliance with the Requirements
  • We prepare recommendations to eliminate non-compliances

Results

  • Report created.
  • Recommendations created. A compliance assessment report is created, identifying the non-compliances with the Requirements found during the compliance assessment.

Benefits

  • Non-compliances are identified and eliminated in a timely manner
  • Compliance with the security requirements of networks and information systems established in the DORA regulation is ensured

Contact person

Ernestas Lipnickas
Mobile: +370 (605) 44 444
Email: ernestas.lipnickas@adwisery.eu