13.11.2024
DORA: New Digital Resilience Regulations and Support from Fordata
On January 17, 2025, the Digital Operational Resilience Act (DORA) will come into force, mandating financial entities to manage ICT-related risks and ensure operational digital resilience. The goal is to enhance the security of information and communication technology (ICT)-based financial systems, thereby increasing financial stability across the European Union. At Fordata, we operate according to the ISO 27001 standard, enabling us to effectively support our clients in fulfilling DORA compliance requirements.
DORA – What Does It Mean for the Financial Sector?
The DORA regulation is a comprehensive set of rules on ICT risk management, primarily aimed at entities supervised by the Financial Supervision Authority (KNF) and their service providers. It introduces the obligation to manage ICT risk, which includes assessing and monitoring risk, incident reporting, and testing resilience against cyber threats.
Fordata: We Are Ready for DORA
At Fordata, we don’t wait until the last moment. We operate daily in line with the ISO 27001 standard and take a proactive approach to help our clients meet DORA’s new requirements. Here’s how we assist our clients in complying with these new mandates:
01. ICT Risk Management
Financial institutions must effectively identify, assess, and manage ICT-related risks, including those involving technology service providers. At Fordata, we conduct regular internal audits to ensure our security measures are effective. We manage risks related to information security breaches and personal data protection violations, and we conduct threat analyses encompassing cybersecurity.
02. Incident Reporting
DORA mandates prompt reporting of ICT security incidents. Fordata has established incident management procedures that allow us to effectively distinguish events from incidents and take swift remedial action. We are committed to informing clients of any incidents, enabling them to report promptly to the appropriate supervisory authorities.
03. Business Continuity Management
DORA requires financial entities to have business continuity plans in place in case of ICT disruptions. Fordata has a tested contingency plan that includes system recovery procedures. We guarantee an RTO (Recovery Time Objective) of under 8 hours and an RPO (Recovery Point Objective) of up to 15 minutes.
04. Digital Resilience Testing
Regular digital resilience testing is a key requirement of DORA. Fordata continually strengthens its cybersecurity capabilities and commissions external penetration tests to assess system resilience against potential threats. Additionally, we test our business continuity plans, including Disaster Recovery infrastructure, and run backup tests to ensure their effectiveness.
05. Support for DORA Compliance
DORA regulates the relationship between supervised entities and external ICT service providers. Therefore, we include clauses addressing both parties’ responsibilities in our client agreements. Upon request, we also provide more detailed information about Fordata, which clients need to complete the “DORA Self-Assessment Questionnaire.” We maintain transparency in our operations, believing that effective security management does not rely on “security by obscurity.”
Fordata’s Comprehensive Approach to Security and Compliance
Fordata is committed to supporting clients in complying with both national and EU regulations. At Fordata, we continuously analyze not only the legal acts that apply directly to us but also those affecting our clients. This enables us to better support them in ensuring compliance and to adapt our services to their regulatory needs.
Fordata – Your Partner in the DORA Era
The introduction of DORA is a challenge that requires dedication, knowledge, and the right tools for ICT risk management. Fordata is ready to support clients at every stage of adapting to the new requirements. As a company operating in line with ISO 27001, we understand the importance of continuous security improvement and compliance assurance. We act ethically and responsibly, supporting both our clients and employees in building digital resilience.
The DORA regulation will take effect on January 17, 2025.
The technical standards detailing tools, methods, processes, and ICT risk management policies stipulated by DORA are available in the European Union’s legal act database.
Co-founder of FORDATA. On a daily basis, I ensure that the VDR system and FORDATA's new products meet our clients' needs while maintaining the highest security standards. Outside of work, I am a mother of two, a slow-life enthusiast, and a passionate fan of outdoor sports.
Do you want to exchange knowledge or ask a question?
Write to me: Aleksandra Porębska-Nowak