DORA Lead Manager (Digital Operational Resilience Act)

DORA Lead Manager: Master the implementation and management of digital resilience frameworks in line with the DORA requirements

Overview


Financial entities will be required to ensure compliance with DORA requirements. Noncompliance with DORA can result in significant penalties, reflecting the seriousness with which the EU views digital operational resilience. While the specific penalties can vary based on the nature and severity of the noncompliance, they are designed to be dissuasive and proportionate.

The Digital Operational Resilience Act (DORA) is a comprehensive EU regulation designed to bolster the operational and cybersecurity resilience of financial entities, ensuring they are better equipped to handle information and communication technology (ICT) risks and disruptions in an increasingly interconnected and digital financial environment.

ICT Risk Management

DORA mandates that financial institutions develop and maintain a comprehensive framework to manage ICT risks, encompassing prevention, detection, response, and recovery measures, ensuring operational continuity and mitigating the impact of potential disruptions on financial systems and customers.

Incident Reporting

Financial entities must implement robust processes for reporting significant ICT-related incidents, such as cyberattacks or system failures, to regulators in a standardized and timely manner, fostering transparency and enabling authorities to coordinate responses effectively.

Third-Party Risk Management

The regulation emphasizes rigorous oversight of third-party ICT service providers, particularly critical providers like cloud services, requiring institutions to establish risk assessment processes, contractual safeguards, and termination rights to minimize dependencies and potential vulnerabilities.

Resilience Testing

DORA enforces regular, systematic testing of ICT systems through methods like penetration testing, scenario-based evaluations, and advanced resilience assessments, ensuring that financial entities can identify weaknesses and enhance their defenses against cyber threats.

Information Sharing

The regulation encourages financial entities to voluntarily exchange cyber threat intelligence and share best practices, promoting collective preparedness and improving sector-wide resilience against sophisticated and evolving cybersecurity challenges. By harmonizing digital resilience requirements across the EU, DORA aims to ensure the stability of financial institutions, protect consumer trust, and strengthen the overall integrity of the financial system in the face of growing digital risks.

The certification on DORA from PECB

The PECB Certified DORA Lead Manager training course will help you gain the knowledge and advance the skills in establishing, implementing, and managing an ICT risk management framework based on DORA requirements.

Learning Objectives

After completing this training course, you will be able to:

  • Understand the regulatory landscape and compliance requirements outlined in DORA, focusing on key pillars such as ICT risk management, ICT-related incident management and reporting, digital operational resilience testing, and ICT third-party risk management
  • Implement effective strategies and measures to enhance digital operational resilience and mitigate ICT risks within financial institutions, aligning with DORA requirements and industry best practices
  • Identify, analyze, evaluate, and treat ICT risks relevant to financial entities
  • Develop and maintain robust ICT risk management frameworks, incident response plans, business continuity and disaster recovery plans
  • Foster collaboration and communication with key stakeholders to ensure successful implementation and ongoing compliance with DORA
  • Utilize industry-standard tools and methodologies for monitoring, assessing, and managing ICT risks and vulnerabilities, enhancing the overall security posture of financial institutions

Program

Module 1: Introduction to the concepts and requirements of DORA
Module 2: ICT-related risk and incident management
Module 3: ICT third-party risk management and information sharing
Module 4: Review and continual improvement
Closing of the training course

This training course is intended for

  • Financial institution executives and decision-makers
  • Compliance officers and risk managers
  • IT professionals
  • Legal and regulatory affairs personnel
  • Consultants and advisors specializing in financial regulation and cybersecurity

Exam & Certificate

The “PECB Certified DORA Lead Manager” exam meets the PECB Examination and Certification Program (ECP) requirements, and it covers the following competency domains:
Domain 1: Fundamental concepts of ICT risk management and digital operational resilience
Domain 2: Preparing and planning for DORA project implementation
Domain 3: ICT risk and ICT-related incident management
Domain 4: Digital operational resilience testing and ICT third-party risk management
Domain 5: Review and continual improvement

The exam is available online; please refer to the PECB Online Examinee Guide. Duration: 3 hours

Make your choice

Training material Coached, Exam included

The coached model (remote) includes three hours of coaching (to be planned and agreed with the trainer) within a 4-week timeframe, encompassing a summary of each training day.

This approach is ideal if you want to invest time in self-study. Your booking is confirmed once full payment of your invoice is received.

Training material self-learning, Exam included

This model is complete self-learning.

This approach is ideal if you want to invest time in self-study. You receive the training material and exam vouchers once full payment of your invoice is received.

FAST TRACK – INTENSIVE – ONLINE – Individual Sessions, Exam included

The online sessions are organised during one full day starting at 9:30, encompassing the course material.

There is also the option to only take half a day of training depending on your expertise level.

WITH THIS FORMULA THE FULL CPEs APPLY

KMO-Portefeuille

Physical Fast-Track Classroom, Exam included

The physical classroom training is a two-day intensive class.

It is ideal if you already have a basis in information security.

A small lunch is provided at noon.

Upon completion of the training, exam vouchers will be issued.

After your training you will get the exam vouchers and will have the opportunity to schedule the exam.

You will need to register on the PECB website in order to get a student number.

WITH THIS FORMULA THE FULL CPEs APPLY

2290 excl. VAT

KMO-Portefeuille

FAST TRACK – INTENSIVE – ONLINE – VIRTUAL CLASSROOM, Exam included

The online sessions are organised during two full days starting at 9:30, encompassing the course material.

This is an intensive training.

WITH THIS FORMULA THE FULL CPEs APPLY

KMO-Portefeuille
