DORA Module Overview
The Digital Operational Resilience Act (DORA) is the EU regulation that strengthens the ICT security framework for financial entities. Venve...
Register of Information (RoI)
Article 28(3) of DORA requires financial entities to maintain and keep up to date a Register of Information in relation to all contractual a...
Adding ICT Providers
ICT providers are the foundation of your DORA Register of Information. Every contractual arrangement, risk assessment, and concentration ris...
Managing Contractual Arrangements
Contractual arrangements document the formal agreements between your financial entity and ICT third-party service providers. Under DORA, the...
Defining Business Functions
Business functions represent the key operational processes and services within your financial entity that rely on ICT systems. DORA requires...
ICT Provider Risk Assessments
Risk assessments evaluate the risks posed by your ICT third-party providers and document findings, mitigations, and exit strategies. DORA re...
Branches and Sub-outsourcing Chains
DORA requires financial entities to report on their branch network and to track ICT sub-outsourcing chains through which services are ultima...
Concentration Risk Analysis
DORA Article 31 requires financial entities to assess and manage ICT concentration risk — the danger of over-reliance on a single prov...
xBRL-CSV Regulatory Export
The xBRL-CSV export generates the regulatory submission files required under DORA's Implementing Technical Standards (ITS). The export produ...
Running a DORA Gap Assessment
The Gap Assessment module helps you evaluate your organisation's compliance with DORA through a structured questionnaire. It identifies gaps...
Resilience Testing
DORA Articles 24-27 require financial entities to establish, maintain, and review a digital operational resilience testing programme. The Re...