ISACA Provides Guidance Around EU’s Proposed Digital Operational Resilience Act
14.10.2021 17:19:00 EEST | Business Wire | Press release
Reforms following the 2008 financial crisis helped strengthen the resilience of the financial sector, but did not fully address digital operational resilience. The European Union’s recently released Digital Operational Resilience Act (DORA) draft is designed to provide digital operational resilience rules for EU financial institutions, and ISACA provides guidance on this proposal in its new white paper, Digital Operational Resilience in the EU Financial Sector: A Risk-Based Approach .
When finalized, DORA will enact rules for financial services system operators like investment firms, credit institutions, trading venues and electronic money institutions to ensure these systems’ stability and resilience to cyber incidents. Digital Operational Resilience in the EU Financial Sector outlines the objectives and legal basis for DORA, as well as its information and communication technology (ICT) requirements around risk management, information and cybersecurity, incident reporting, testing, and oversight of third-party service providers, some of which include:
- Set up and maintain resilient ICT systems and tools that minimize the impact of ICT risk.
- Have an ICT risk-management framework that includes strategies, policies, procedures, ICT protocols and tools necessary to effectively protect all relevant physical components and infrastructures from risk, such as damage and unauthorized access or usage.
- Test the ICT business continuity policy and the ICT disaster recovery plan at least yearly, and after substantive changes to the ICT systems.
- Include relevant provisions on accessibility, availability, integrity, security and protection of personal data, and guarantees for access, recover and return in the case of failures of the ICT third-party service providers in contracts that govern the relationship with third-party providers.
“The requirements laid out in DORA to identify all sources of ICT risk on a continuous basis and mandate an annual review of ICT risk management frameworks and review after a major incident, audit or testing are a step in the right direction,” says Chris Dimitriadis, ISACA chief global strategy officer. “However, to further strengthen the act, ISACA encourages provisions ensuring that ICT risk management plans go beyond being a compliance exercise by embedding governance responsibility within the management body, as well as requiring continuous training and ICT awareness of senior management and staff and independent testing performed by testers who are certified.”
During this period in which the DORA regulation is under consideration in the European Parliament and Council of the EU, ISACA’s EU Task Force is engaging with policy makers and sharing feedback. The final version of the regulation is expected in an estimated 18-24 months.
“ISACA is recognized among policy makers as an independent source of expertise on cybersecurity issues. The variety of backgrounds and experience of our members, reflected in the EU Task Force, have been welcomed by policy makers who have valued our contributions to the debate,” says Emily Bastedo, ISACA director for global government relations and public affairs.
To download a complimentary copy of Digital Operational Resilience in the EU Financial Sector, visit https://store.isaca.org/s/store#/store/browse/detail/a2S4w000004L1sxEAC. Additional publications that may be helpful for financial entities as they prepare for DORA include ISACA’s Risk IT Framework, 2nd Edition; Risk IT Practitioner Guide, 2nd Edition ; and IT Risk Fundamentals Study Guide. Other IT risk-related resources can be found at www.isaca.org/resources/it-risk.
About ISACA
For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations.
Twitter:
www.twitter.com/ISACANews
LinkedIn:
www.linkedin.com/company/isaca
Facebook:
www.facebook.com/ISACAGlobal
Instagram:
www.instagram.com/isacanews
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20211014005760/en/
Contact information
Emily Van Camp, evcamp@isaca.org, +1.847.385.7223
Kristen Kessinger, communications@isaca.org, +1.847.660.5512
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Multi-Color Corporation Initiates Implementation of Restructuring Agreement29.1.2026 08:58:00 EET | Press release
Multi-Color Corporation (“MCC” or the “Company”), a global leader in prime label solutions, today announced that to implement the previously announced restructuring support agreement (the “RSA”), the Company has commenced its prepackaged Chapter 11 filing in the United States Bankruptcy Court for the District of New Jersey (“the Court”). MCC announced on January 27 it had entered into the RSA with holders of approximately 72% in amount of MCC’s secured first lien debt and its equity sponsor, CD&R, on the terms of a comprehensive financial restructuring. The transactions contemplated by the RSA will significantly deleverage MCC’s balance sheet, reducing its net debt load from approximately $5.9 billion to approximately $2.0 billion. The Company’s annualized cash interest will also be reduced from approximately $475 million to $140 million in 2026, a reduction of over $330 million, with long-term debt maturities extended to 2033 following consummation of the restructuring transactions. A
Takeda Reports Third-Quarter FY2025 Results: Updates Full Year Outlook to Reflect VYVANSE ® Generics Impact, OPEX Discipline and FX Tailwind; Progressing Toward Three Transformative Launches Ahead29.1.2026 08:37:00 EET | Press release
Takeda (TOKYO:4502/NYSE:TAK) today announced earnings results for the third quarter of fiscal year 2025 (nine months ended December 31, 2025). The gap between incremental Growth & Launch Products revenue and VYVANSE erosion is narrowing, and operational efficiencies drove year-on-year reductions in operating expenses, including R&D. The company raised its full-year forecasts based on cost discipline and FX tailwind, while its Revenue Management Guidance has been updated primarily due to the impact of VYVANSE generics. Takeda is positioned for long-term growth and has multiple late-stage programs with multibillion-dollar peak revenue potential. Following the positive readouts from Phase 3 studies in 2025, the company has submitted New Drug Applications (NDAs) for oveporexton and rusfertide and is on track to file an NDA for zasocitinib. Each of these programs, which Takeda expects to launch within the next 18 months, has the potential to redefine standards of care, transform patient liv
Ubitus Partners with Maizuru City, Kyoto to Launch AI Data Center Project, Advancing the Deployment of a Top-Tier AI GPU Center in Japan29.1.2026 08:00:00 EET | Press release
Ubitus K.K. (Headquarters: Shinjuku, Tokyo; Representative Director & CEO: Wesley Kuo), a global leader in cloud streaming and AI solutions, today announced that it will hold a land signing ceremony and press conference with Maizuru City, Kyoto Prefecture, on January 29, 2026. At the event, Ubitus will officially unveil its comprehensive plan to construct an AI Data Center in Maizuru City, marking the company’s transition into the physical construction phase of its initiative to build a top-tier AI GPU center in Japan. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260128944842/en/ Ubitus will launch its Maizuru City AI Data Center project on January 29, marking the first step toward building a top-tier AI GPU center in Japan. Powered by NVIDIA Blackwell GPUs and NeoCloud, the project strengthens Japan’s AI infrastructure and regional development. This land agreement represents the first major milestone following Ubitus’ sel
Galderma Unveils ‘Wake Up To Restylane’, Underscoring Restylane as the Ideal Hyaluronic Acid Treatment for Always-On Natural Beauty29.1.2026 08:00:00 EET | Press release
Galderma (SIX: GALD), the pure-play dermatology category leader, has launched ‘Wake Up To Restylane’, a global campaign that showcases Restylane as an everyday beauty ally. Aligned with the growing desire for effortless, authentic results that restore facial balance and improve skin quality, the campaign highlights Restylane’s unique ability to deliver personalized results that move naturally with expressions to help people look and feel good.1,6,12-18 This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260128829353/en/ The launch was unveiled at the IMCAS World Congress 2026 in Paris, where Galderma also presented new clinical data reinforcing Restylane’s efficacy across key facial areas such as the chin, jawline, temples, as well as the décolletage, underscoring its unique position as the only HA portfolio offering a variety of formulations for tailored outcomes.1,8-11 “What's compelling about ‘Wake Up To Restylane’ is its focu
Lattice to Showcase Advanced Edge AI Solutions at the FPGA-forum 202628.1.2026 23:00:00 EET | Press release
Lattice Semiconductor (NASDAQ: LSCC), the low power programmable leader, today announced its exhibition plan for the upcoming FPGA-forum 2026 taking place February 11 – 12, 2026 in Trondheim, Norway. As part of the event, Lattice Corporate Vice President of Software Solutions and Applications Engineering Eleena Ong will deliver a keynote presentation exploring how rapidly maturing AI technologies can turn FPGA platforms into innovation canvases for a much broader range of developers, sparking new application possibilities. Lattice will also deliver a technical presentation and host a demo showcase focused on how its low power FPGA solutions are advancing connectivity and edge AI applications. Who: Lattice Semiconductor What / When (GMT+1): Lattice Demo Showcase (Table #3), Feb 11-12 Keynote Feb. 11, 9:30 a.m. “Unlocking the Next Wave of FPGA Innovators with Generative and Agentic AI” Technical Presentation Feb. 12, 10 a.m. “Smaller. Cooler. Smarter: Lattice FPGAs’ Path to Uncompromised
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom