Digital Operational Resilience Act (DORA) Compliance: Key Regulatory Updates

The Evolution of DORA

On December 8, 2023, the European Supervisory Authorities (the ESAs) launched a public consultation on the second batch of policy mandates under the Digital Operational Resilience Act (DORA). On July 17, 2024, the ESAs published the final reports on these policy mandates. The most noteworthy changes for in-scope financial entities emerged across the following areas:

Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS) on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats.
RTS on threat-led penetration testing (TLPT).
Guidelines on the estimation of aggregated costs/losses caused by major ICT-related incidents.

RELATED

Print / Export Options

Report template

Bookmarks

Digital Operational Resilience Act (DORA) Compliance: Key Regulatory Updates

The Evolution of DORA

Request a trial

The best way to experience Better Regulation is to try it - free and without obligation.

Print / Export Options

Report template

Bookmarks

Share

Digital Operational Resilience Act (DORA) Compliance: Key Regulatory Updates

The Evolution of DORA

Log in

Request a trial

The best way to experience Better Regulation is to try it - free and without obligation.