Regulatory Alerts2024-07-05
DORA Checklist: Governance, ICT Risk Management, and Operational Resilience Requirements
The Dutch Authority for the Financial Markets (AFM) issued this checklist to guide financial entities in assessing their compliance with the Digital Operational Resilience Act (DORA) ahead of the January 17, 2025 deadline. The document outlines ten critical thematic areas, including governance, ICT risk management, information security, business continuity, and third-party ICT risk management, requiring firms to establish specific policies, registers, and procedures. It serves as a practical tool for conducting gap analyses and implementing necessary operational resilience measures, while noting simplified frameworks for smaller entities.
Share