Digital Operational Resilience Act (DORA) - Introduction

In December 2022, the regulation (EU) 2022/2554 on Digital Operational Resilience for the financial sector was published in the Official Journal of the European Union. Also known as Digital Operational Resilience Act (DORA), the regulation intends to harmonise rules regarding digital resilience in the financial sector across all member states.

This training is about understanding the implications of DORA and how organisations are impacted from a business, compliance, governance, operational and IT perspective.

This training will provide participants with an overview of the main provisions and the differences from the existing Information and Communication Technologies (ICT) regulatory framework.

By the end of this training, participants will be able to understand:

• the main provisions of DORA regulation and the implications for their organisation;
• the implications for the existing ICT regulatory framework;
• how to manage ICT risks;
• how to classify and report incidents;
• the types of resilience testing;
• the key considerations related to the management of ICT third-party service providers.

• Current regulatory landscape in the context of operational resilience and ICT
• Main provision of DORA and implementation considerations:
  • ICT governance: definition of the roles, responsibilities and segregation of duties within your organisation
  • ICT risk management framework: risk taxonomy, methodology and related documentation
  • Incident classification,management and reporting
  • Resilience testing approach and scope
  • Third party services provider management: process and related documentation

This training is coordinated by Michael Horvath, Partner at PwC Luxembourg.

Michael Horvath is a partner at PwC with extensive expertise in sustainable finance and the asset management industry, including both financial and real assets. Since joining PwC Switzerland in 2011 and PwC Luxembourg in 2018, he has led significant projects in regulatory audit and advisory, focusing on the asset management sector. Michael has played a key role in implementing the EU regulatory framework for sustainable finance, including SFDR, taxonomy regulation, and CSRD, as well as other regulatory initiatives such as DORA, AML/CTF, CSSF circular 18/698, and MICA. He is a certified public accountant in Switzerland and Liechtenstein and has contributed to designing compliance frameworks and operational implementations driven by regulatory changes.