The Challenge

The Digital Operational Resilience Act (DORA) is the first piece of EU legislation addressing the topic of digital operational resilience & cybersecurity for financial services, in response to the increased reliance of financial services on digital technologies to deliver services.

Operational resilience is an organisation’s ability to identify and prepare for, respond and adapt to, and recover and learn from an operational disruption to critical or important business services delivered to external end users.

Alignment with DORA is in keeping with the Central Bank of Ireland’s strategic commitment to strengthen and maintain the resilience of the financial system, to continue to address existing vulnerabilities and weaknesses, and to mitigate risks. The measures taken to comply with DORA will ensure that the financial system can better withstand future shocks and crises and limit the impact of such events.

From Q1 2025, EU Financial Services supervisors, including the Central Bank of Ireland, will expect firms to be in full compliance with all DORA requirements.

The Service

BH Consulting adopts a two-stage approach to enable financial entities to meet DORA requirements.

Stage 1 – DORA Readiness Assessment and Scoping Exercise

A gap analysis focusing on the DORA security requirements in line with the pillars set out in the following framework.

[Figure: 3 pillars of the Digital Operational Resilience Act (DORA)]

Stage 2 – DORA Compliance Program

Following the Gap Analysis & Scoping stage, BH Consulting will create a tailored Operational Resilience Management Framework which will define the administrative and technical cybersecurity controls that must be put in place to achieve DORA compliance in line with the Irish Central Bank’s three pillars: Identify and Prepare, Respond and Adapt, Recover and Learn.

The project will focus on governance, risk management, incident reporting, information sharing, management of third-party cybersecurity risk and operational resilience testing.

The Benefits

  • Overall reduction in business financial, operational, reputational and regulatory risks through an improved operational resilience posture

  • Ensuring your management body understands its cybersecurity risk management responsibilities

  • Formalising technology risk management requirements

  • Ensuring your business has appropriate incident response management and reporting processes in place

  • Formalised approach to operational resilience testing

  • Meet the operational security expectations and requirements of customers and partner organisations
