ISACA Provides Guidance Around EU’s Proposed Digital Operational Resilience Act
14.10.2021 17:19:00 EEST | Business Wire | Press release
Reforms following the 2008 financial crisis helped strengthen the resilience of the financial sector, but did not fully address digital operational resilience. The European Union’s recently released Digital Operational Resilience Act (DORA) draft is designed to provide digital operational resilience rules for EU financial institutions, and ISACA provides guidance on this proposal in its new white paper, Digital Operational Resilience in the EU Financial Sector: A Risk-Based Approach .
When finalized, DORA will enact rules for financial services system operators like investment firms, credit institutions, trading venues and electronic money institutions to ensure these systems’ stability and resilience to cyber incidents. Digital Operational Resilience in the EU Financial Sector outlines the objectives and legal basis for DORA, as well as its information and communication technology (ICT) requirements around risk management, information and cybersecurity, incident reporting, testing, and oversight of third-party service providers, some of which include:
- Set up and maintain resilient ICT systems and tools that minimize the impact of ICT risk.
- Have an ICT risk-management framework that includes strategies, policies, procedures, ICT protocols and tools necessary to effectively protect all relevant physical components and infrastructures from risk, such as damage and unauthorized access or usage.
- Test the ICT business continuity policy and the ICT disaster recovery plan at least yearly, and after substantive changes to the ICT systems.
- Include relevant provisions on accessibility, availability, integrity, security and protection of personal data, and guarantees for access, recover and return in the case of failures of the ICT third-party service providers in contracts that govern the relationship with third-party providers.
“The requirements laid out in DORA to identify all sources of ICT risk on a continuous basis and mandate an annual review of ICT risk management frameworks and review after a major incident, audit or testing are a step in the right direction,” says Chris Dimitriadis, ISACA chief global strategy officer. “However, to further strengthen the act, ISACA encourages provisions ensuring that ICT risk management plans go beyond being a compliance exercise by embedding governance responsibility within the management body, as well as requiring continuous training and ICT awareness of senior management and staff and independent testing performed by testers who are certified.”
During this period in which the DORA regulation is under consideration in the European Parliament and Council of the EU, ISACA’s EU Task Force is engaging with policy makers and sharing feedback. The final version of the regulation is expected in an estimated 18-24 months.
“ISACA is recognized among policy makers as an independent source of expertise on cybersecurity issues. The variety of backgrounds and experience of our members, reflected in the EU Task Force, have been welcomed by policy makers who have valued our contributions to the debate,” says Emily Bastedo, ISACA director for global government relations and public affairs.
To download a complimentary copy of Digital Operational Resilience in the EU Financial Sector, visit https://store.isaca.org/s/store#/store/browse/detail/a2S4w000004L1sxEAC. Additional publications that may be helpful for financial entities as they prepare for DORA include ISACA’s Risk IT Framework, 2nd Edition; Risk IT Practitioner Guide, 2nd Edition ; and IT Risk Fundamentals Study Guide. Other IT risk-related resources can be found at www.isaca.org/resources/it-risk.
About ISACA
For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations.
Twitter:
www.twitter.com/ISACANews
LinkedIn:
www.linkedin.com/company/isaca
Facebook:
www.facebook.com/ISACAGlobal
Instagram:
www.instagram.com/isacanews
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20211014005760/en/
Contact information
Emily Van Camp, evcamp@isaca.org, +1.847.385.7223
Kristen Kessinger, communications@isaca.org, +1.847.660.5512
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Hitachi and Google Cloud Expand Strategic Alliance to Accelerate Real-world Deployment of Physical AI Through FDE and Advanced Cybersecurity Solutions9.6.2026 03:20:00 EEST | Press release
Hitachi, Ltd. (TSE:6501, "Hitachi") today announced the expansion of its strategic alliance*1 with Google Cloud to support customers by accelerating the real-world deployment of physical AI and cybersecurity solutions to protect against AI generated threats. Garnering increasing attention, physical AI is a technology that connects AI-driven analysis and decision-making—derived from frontline data—to concrete actions such as autonomous control and operation of various devices and equipment. Continuously repeating this cycle enables optimal AI decision-making and execution tailored to each specific situation. Through the real-world deployment of physical AI, Hitachi is driving the transformation of social infrastructure. To realize this critical mission, through the strategic alliance, Hitachi will establish and globally deploy Hitachi's Forward Deployed Engineers (FDEs) model that leverages its strengths in IT, OT, and products cultivated through Lumada, together with Google Cloud’s adv
VeriSilicon Drives Commercial Adoption of AV2 Across Next-Generation Video and Streaming Applications9.6.2026 03:00:00 EEST | Press release
VeriSilicon (688521.SH) today announced that its VC9800D Video Processing Unit (VPU) IP supports AV2 decoding, further expanding the company’s advanced video codec portfolio for next-generation video and streaming applications. The VC9800D enables flexible deployment of next-generation video technologies across a broad range of intelligent consumer and multimedia devices. VeriSilicon has released VC9800D with AV2 to multiple global customers and is updating the IP based on the AV2 V1.0 specification. AV2 is the next-generation video coding specification from the Alliance for Open Media (AOMedia). Building on the foundation of AV1, AV2 is engineered to provide superior compression efficiency, enabling high-quality video delivery at significantly lower bitrates. It is optimized for the evolving demands of streaming, broadcasting, and real-time video conferencing. VeriSilicon’s VC9800D provides highly configurable video processing capabilities, supporting either standalone AV2 decoding or
ClickHouse Appoints New Leader for Asia Pacific and Expands Global Go-To-Market Leadership Team9.6.2026 01:45:00 EEST | Press release
ClickHouse, a leader in real-time analytics, data warehousing, observability, and AI/ML, today announced a significant expansion of its global go-to-market (GTM) leadership team, headlined by the appointment of Ed Lenta as Vice President, Asia Pacific and Japan (APJ). The additions build on the momentum established last year with the appointment of Kevin Egan as Chief Revenue Officer, and reflect ClickHouse's strategic investment in scaling its global organization to meet surging customer demand. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260608754768/en/ Ed Lenta, Vice President, Asia Pacific and Japan (APJ), ClickHouse Lenta joins ClickHouse to lead the company's go-to-market efforts across the APJ region. He brings deep experience scaling cloud and data platform businesses across the region, most recently as General Manager of Asia Pacific and Japan at Databricks, where he managed operations across more than twenty co
Money20/20 Europe Celebrates Ten Years of Industry Leadership as AI, Digital Assets and Financial Sovereignty Take Centre Stage8.6.2026 18:37:00 EEST | Press release
Money20/20, the world's leading fintech show and the place where money does business, celebrated a major milestone with its 10th Europe edition, convening more than 7,500 attendees, one in three at C-suite level, and over 2,300 companies from over 105 countries in Amsterdam, for three days of industry-defining announcements, strategic partnerships, and dealmaking that set the agenda for the future of financial services. Featuring more than 450 speakers across six stages, Money20/20 Europe welcomed leaders from banking, fintech, payments, policy, technology and digital assets to explore the forces reshaping the future of money. “This year’s show demonstrated that financial services have entered a new phase of transformation,” said Bryony Naylor, Vice President of Money20/20 Europe. “Across the show floor and on stage, we saw leaders move beyond discussing what’s next to actively building it. From AI and digital identity to financial sovereignty and digital assets, the conversations and
Liberty Latin America Selects BTS as Exclusive A2P Messaging Managed Services Partner Across All Its Markets8.6.2026 18:36:00 EEST | Press release
BTS announced today that it has been chosen as the exclusive provider of managed A2P SMS services for Liberty Latin America (LLA), supporting the company’s efforts to strengthen revenue protection, fraud mitigation, traffic intelligence, and operational visibility across its markets. The agreement reinforces LLA’s A2P messaging strategy throughout a broad regional footprint and establishes a coordinated operating model to improve control, visibility, and monetization of A2P traffic across its markets. The partnership will support revenue maximization, stronger fraud protection and grey-route mitigation, enhanced real-time traffic visibility, operational reporting and analytics, revenue assurance, and 24x7x365 managed services support. The agreement spans 25 markets and reflects a high level of operational trust in BTS’ ability to deliver consistent performance across diverse regulatory, technical, and commercial environments. “This agreement gives us a stronger and more consistent oper
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom