DORA — Register of Information

Complete guide to the Register of Information (RoI) required by DORA Art. 28(3) — ICT providers, contractual arrangements, business functions, risk assessments, branches, sub-outsourcing, concentration risk, and XBRL/CSV export.

Register of Information — Overview

The Register of Information (RoI) is the cornerstone of DORA compliance. This article covers the regulatory background, the Venvera RoI dash...

ICT Third-Party Providers — Art. 28

The ICT Providers module captures every third-party ICT service provider your financial entity relies upon. This article explains the regula...

Contractual Arrangements — Art. 30

The Contractual Arrangements module tracks every agreement your financial entity has with its ICT third-party service providers. This articl...

Business Functions — Art. 3(21)

Regulatory Context DORA Article 3(21) defines a "critical or important function" as any function whose disruption would materially impair th...

ICT Provider Risk Assessments — Art. 28(1)

Regulatory Context DORA Article 28(1) requires financial entities to conduct and maintain ongoing risk assessments of their ICT third-party ...

Branches — ITS B_01.03

Regulatory Context The DORA Implementing Technical Standards (ITS) 2024/2956 template B_01.03 requires financial entities to report all bran...

Sub-outsourcing Chains — Art. 31

Regulatory Context DORA Article 31 addresses ICT concentration risk , including the risk that arises from sub-outsourcing chains. When your ...

Concentration Risk Analysis — Art. 31

The Concentration Risk Analysis page provides an automated, data-driven view of how dependent your organisation is on individual ICT third-p...

xBRL-CSV Regulatory Export — ITS 2024/2956

The xBRL-CSV Export page allows you to generate the regulatory filing package that financial entities must submit to their National Competen...

📑 DORA — Register of Information