The DORA Regulation Roadmap

Amidst the ongoing and ever-evolving cyber threats the financial sector faces, the EU has introduced the Digital Operational Resilience Act. DORA’s purpose is unmistakable: safeguarding ICT systems in the European financial industry. It aims to ensure that the sector can not only withstand, respond to, and recover from ICT incidents but also continue delivering critical functions while minimising customer disruptions. DORA focuses on five essential pillars of IT resilience.

  • The European Commission published its draft Digital Operational Resilience Act as part of the Digital Finance Package (DFP) on 4th September 2020.
  • DORA was announced on 16th January 2023, with a set two-year implementation period.
  • Organisations need to be compliant by 17th January 2025.


What are DORA’s Five Key Pillars?

FAQ Section


Q. How long will it take to complete DORA?


A. There is no immediate answer until we have fully scoped the work and undertaken a full gap analysis.


Q. Will you provide a schedule of work?


A. We will provide a detailed Schedule of Works, with specific work packages and representative time frames.


Q. What breadth of support can you offer?


A. We can provide Pen Testers, VA Assessors, Security Consultants, Training Specialists and Risk Specialists to support your internal or third-party engineering team in implementing the required actions detailed in the agreed Schedule of Works.


Q. Who in our organisation will be involved?


– Your IT team or third-party providers.

– Security team/risk/third parties.

– Departmental management.

– System owners and custodians.

– Review with Board/Executives.


Why outsource your DORA Compliance to BIT Security?


Tel +44 (0)1752 724 000

Plymouth Science Park, 1 Davy Rd, Plymouth, Devon PL6 8BX