))
Everything You Need to Know About DORA
Manage episode 419596197 series 3440321
Contenuto fornito da Gatekeeper. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Gatekeeper o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
We dive deep into the Digital Operational Resilience Act with Liam Mckenna, Partner at Mazars and Austin Kelly from Mazars. If you would like to work with Liam and Austin, please contact them here.
Book a call with a Vendor and Contract Management Expert here - https://www.gatekeeperhq.com/book-gk-demo-step-1
GATEKEEPER'S GUIDE TO VENDOR LIFECYCLE MANAGEMENT Actionable checklists, tips and best practices. Download the ebook now for FREE: https://www.gatekeeperhq.com/free-vendor-management-ebook
Contact Liam from Mazars here: https://www.mazars.com/Users/our-team/liam-mckenna
We dive deep into the Digital Operational Resilience Act with Liam Mckenna and Austin Kelly from Mazars. If you would like to work with Liam and Austin, please reach out to them here.
DORA (Digital Operational Resilience Act) is a new regulation that aims to address the increased digital risk organisations face. It focuses on five key pillars, including ICT risk management, incident management and reporting, digital operation resilience testing, and third-party risk. Non-compliance with DORA can damage an organisation's relationship with regulators and lead to remediation programs and penalties. Organisations need to start preparing for DORA compliance by scoping the project, conducting a gap analysis, developing a roadmap, and implementing mitigation actions. Key challenges include weaknesses in IT risk management, lack of asset management, and the need for standardised contract clauses. Organisations should take DORA seriously and not just treat it as a compliance project. They should invest in ongoing risk assessments, engage with third parties, and commit to implementing robust controls.
Key Takeaways
-DORA is a new regulation that addresses the increased digital risk faced by organisations
-It focuses on five key pillars: ICT risk management, incident management and reporting, digital operation resilience testing, and third-party risk
-Non-compliance with DORA can damage an organisation's relationship with regulators and lead to penalties.
-Organisations must start preparing for DORA compliance by scoping the project, conducting a gap analysis, developing a roadmap, and implementing mitigation actions. Challenges include weaknesses in IT risk management, lack of asset management, and the need for standardised contract clauses
-Organisations should take DORA seriously, invest in ongoing risk assessments, engage with third parties, and commit to implementing robust controls
Chapters
00:00 Introduction
00:55 Overview of DORA
06:09 Non-Compliance and Penalties
09:44 Preparing for DORA Compliance
13:16 Challenges in DORA Compliance
25:25 Key Considerations and Conclusion
30 episodi
Condividi
