An EU regulation that sets uniform requirements for the digital operational resilience of the financial sector, including ICT risk management and third-party oversight.
DORA is an EU regulation focused on the financial sector. It requires firms to manage ICT risk, test their resilience, report major ICT-related incidents, and oversee critical third-party technology providers.
Because it is a regulation rather than a directive, it applies directly across member states. It pulls operational resilience under a single supervisory framework for banks, insurers, investment firms, and their key ICT suppliers.