← Cybersecurity Alphabet Soup

DORA

Digital Operational Resilience Act

governancehard

An EU regulation that requires banks, insurers, investment firms, and other financial entities to withstand and recover from ICT disruptions. It mandates ICT risk management, incident reporting, resilience testing, and oversight of critical third-party providers such as cloud vendors. It applies from January 2025 and reshapes how European finance manages technology risk.

Sources

More in governance