Contact us

Digital Operational Resilience Act (DORA)

DORA doesn’t have to be daunting. We help you secure your IT systems, manage risks, and satisfy regulators all while keeping your business moving forward.

The challenge

Read more

What is DORA?

The Digital Operational Resilience Act (DORA) is the first piece of EU legislation that provides a regulatory framework to ensure entities can withstand, respond and recover from ICT related disruptions and threats.

Who is in scope for DORA?

Over 20 types of financial institutions are in scope for DORA, including financial institutions, lenders, Fintech,Insurance companies , trading venues and many more. Organisations that supply financial services from the UK to the EU will also be in scope for DORA.

Regulatory expectation

From Q1 2025, EU financial services supervisor, including the Central Bank of Ireland, will expect full compliance with all DORA requirements.

The service

BH Consulting adopts a two-stage approach to enable financial entities meet DORA requirements.

Stage 1 – DORA Readiness Assessment and Scoping Exercise

A gap analysis focusing on the DORA security requirements in line with the pillars set out in the following framework.

Stage 2 – DORA Compliance Program

Following the Gap Analysis & Scoping stage, BH Consulting will create a tailored Operational Resilience Management Framework which will define the administrative and technical cybersecurity controls required to put in place to meet DORA compliance in line with the Irish Central Bank’s three pillars: Identify and Prepare, Respond and Adapt, Recover and Learn.

The project will focus on governance, risk management, incident reporting information sharing, management of third-party cybersecurity risk and operational resilience testing.

European Central Bank building in Frankfurt, Germany

Benefits

Implementation of a robust compliance program aligned with recognised industry standards and best practice

Ensuring your business has appropriate incident response management and reporting processes in place

Overall reduction in business financial, operational, reputation and regulatory risks through an improved operational resilience posture

Formalised approach to operational resilience testing

Formalising technology risk management requirements

Meet the operational security expectations and requirements of customers and partner organisations

Testimonials

“We engaged the services of BH Consulting in September to act as our DPO. They have expertly guided us through our GDPR journey, helping us to finalise our requirements to meet the GDPR standards. They have done this in a professional manner all the while aware of our limited time resources. Our DPO Annemarie, understands the way in which we work and has completely adapted her approach to suit our needs. I couldn’t recommend Annemarie and the team at BH consulting highly enough.”

Deirdre Walsh – Compliance Manager & Retail
Jack & Jill Children’s Foundation

“We found BH Consulting to be a huge help in achieving our ISO 27001 certification as they put so much structure on the process and helped us along every step of the way. Their knowledge and guidance the whole way along the journey was reassuring and really made the process seamless and easy to follow and understand. They were there to keep us accountable and ensure we were progressing at our bi-weekly meetings. We would definitely recommend BH Consulting to any organisation thinking of going for ISO 27001 certification and so quickly and cost effectively was a massive relief. The expertise BH Consulting provided to ensure we have a robust GDPR compliance framework in place was great. We would have no hesitation recommending BH Consulting to others in a similar position.”

Guvanch Meredov – Head of Product
MEG

“Make-A-Wish Ireland has been working with BH Consulting for three years and have found them to be incredibly supportive. GDPR can be extremely challenging and yet, for an organisation like ours, it is critical to be on top of everything at all times as we deal with such highly sensitive data. The support we have been given is practical, logical, and most importantly calming. They have demystified the complexities and have done repeated training with our team in order for everyone to be comfortable with all aspects. We would highly recommend any company to work with BH Consulting. A special thanks must go to Tracy Elliott who has worked with us since the start.”

Susan McQuaid O’Dwyer – CEO
Make a Wish Ireland

“BH Consulting have been our CISO since February 2019 and we have found their expertise to be extremely beneficial. They are very accessible when we need them and are very pragmatic in the advice they give. We really like the fact that they are independent and not tied to any vendors or solutions. We have confidence that BH Consulting are there with the right expertise and advice when we need them.”

Derek Wilson – CIO
Origin Enterprises Plc

“BH Consulting provide a reliable and valuable service to our organisation. Their expertise and continued guidance has been a great support to us since the introduction of GDPR.”

Eimear Vellekoop
CarTrawler

Why get in touch with BH Consulting

BH Consulting is a trusted, independent cybersecurity and data protection consultancy with over 20 years of experience. Whether you need expert guidance on compliance, risk management, or security strategy, our team delivers practical, vendor-neutral advice tailored to your needs.

  • Trusted by global brands and public sector bodies
  • ISO 27001-certified team with deep domain expertise
  • Proven track record in delivering real-world solutions
  • Flexible services: CISO/DPO as-a-Service, audits, training & more

Let’s start a conversation about securing your business.

Areas of interest*