A half-day course on DORA and its impacts.

Virtual Classroom, 30 January 2025

Background

The European Union (EU) has adopted the Digital Operational Resilience Act (DORA) to enhance the ICT risk management framework across the financial sector. DORA aims to harmonize and strengthen ICT risk requirements, ensuring that all entities within the financial ecosystem adhere to a unified set of standards. This enables them to implement robust safeguards against cyberattacks, technological failures, and other ICT-related risks. Furthermore, the legislation mandates that financial entities demonstrate resilience against all forms of ICT disruptions and threats.

DORA's scope is extensive, encompassing a wide array of financial entities such as credit institutions, payment institutions, e-money institutions, investment firms, crypto-asset service providers, central securities depositories, managers of alternative investment funds (AIFMs), UCITS management companies, administrators of critical benchmarks, crowdfunding service providers, and ICT third-party service providers. Many organizations previously not subject to ICT-specific regulations will now fall under DORA’s purview.

The Regulation is set to take effect on 17 January 2025, providing firms with a clear timeline to ensure compliance.

Objectives and key take aways 

The half-day course will equipe the participants with a wider knowledge of DORA Regulation and in particular:

• scope and main objectives
• key components
• DORA breaches and consequences
• its impacts on the compliance framework and organisational duties
• the new responsibilities for Board members

Who should attend

The course is designed to the benefit for:

ICT and Cybersecurity Professionals

• Chief Information Officer (CIO)
• Chief Technology Officer (CTO)
• Chief Information Security Officer (CISO)
• IT Risk Manager
• Cybersecurity Analyst, Cyber Risk Manager
• ICT Operations Manager
• Disaster Recovery Specialist of the wide EU financial services sector.

Compliance and Risk Management Professionals

• Compliance Officer
• Risk Manager
• Operational Risk Officer
• Regulatory Affairs Specialist
• Internal Auditor (specializing in ICT or operational risks)
• Legal Counsel (Financial Regulation)

Senior Leadership and Governance

• Chief Executive Officer (CEO)
• Board Member (with ICT or risk management responsibilities)
• Business Continuity Manager
• Program Manager for ICT Regulatory Compliance

Faculty  

Paulo Carvalho Martins
Group CISO
Euronext Group