Quick Contact
Get in touch and see how Risk Reward can help you
Our London team are ready to answer questions, provide information & choices to help make your public seminar booking in a prompt, professional & friendly manner.
Shop
Trending
UK EU MENA WAT GCC Time Zones
CPEs:
24
Instructor:
Dennis Cox
Level:
Intermediate
Tuition:
£2,995.00
NEW Digital Operational Resilience Act (DORA) – Regulation and Impact CRP057
Location: UK EU MENA WAT GCC Time Zones
First Date: Feb 24 - 26 2025
Duration: 3 days
Programme Director: Dennis Cox
All Dates & Locations
Venue Details
Experience the highly-interactive expert-led social learning through Virtual Classroom via Cisco WebEx from Risk Reward.
All our 2024 Live, on-site and Live Virtual Classroom events feature shared (or discrete) live chat between delegates and the expert, participate in topical surveys, polling questions, group exercises and case studies for a tried -and- true engaging and gratifying learning experience.
Need to bring this course in house, train your team or 1:1? Simply contact us for significant cost savings and dates best suited to meet your specific needs.
Agenda Highlights
Session 1: The Digital Operational Resilience Act (DORA)
Session 2: ICT Risk Management
Session 3: ICT Related Incident Management , Classification and Reporting
Session 4: Digital Operational Resilience Testing
Session 5: Management of ICT Third-party risk
Session 6: Other matters
Session 7: The DORA Project
Overview
The Digital Operational Resilience Act or DORA brings into law matters previously dealt with through the provision of regulatory standards. The Bank for International Settlements (BIS) published its principles for the management of operational resilience in March 2021. Whilst this did refer to ICT it had a wider focus. This is legislation applied in the EU and takes elements of those principles to be enshrined in law.
Accordingly firms that were thinking that there was flexibility in applying the BIS principles will find that some elements of that flexibility have been clarified in this Act. Firms need to urgently appreciate the extent of these requirements and reconsider the project plans that they have implemented. This timely training event is designed to explain the scope, scale and contents of this important legislation and enable delegates to consider the actions that they will be required to take.
Who Should Attend
This course is designed for the following parties involved with financial institutions:
- The Board
- Risk management
- ICT management
- Internal audit
- Compliance
- Regulators
Additional Course Information
What Does It Cover?
Session 1: The Digital Operational Resilience Act (DORA)
- Subject matter
- Relationship to BIS guidance
- Scope
- Definitions
- Proportionality
- Timetable
Session 2: ICT Risk Management
- Governance and organisation
- ICT risk management framework
- ICT systems, protocols and tools
- Identification
- Protection and prevention
- Detection
- Response and recovery
- Back up policies and procedures
- Restoration and recovery procedures and methods
- Education and training
- Communication
- Simplified ICT risk management Framework
Session 3: ICT Related Incident Management, Classification and Reporting
- Classification of ICT-related incidents and cyber threats
- Reporting major ICT related incidents
- Voluntary notification of significant cyber risks
- Operational or security payment-related incidents concerning credit institutions, payment institutions, account information service providers, and electronic money institutions
Session 4: Digital Operational Resilience Testing
- General requirements for the performance of digital operational resilience testing
- Testing of ICT tools and systems
- Threat led penetration testing (TLPT)
- Requirements for testers for the carrying out of TLPT
Session 5: Management of ICT Third-party risk
- General principles
- Preliminary assessment of ICT concentration risk
- Key contractual provisions
- Designation of critical ICT third-party service provider
- Structure of the oversight framework
- Inspections
- Ongoing oversight
- Guidance
Session 6: The DORA Project
- What needs to be done?
- Critical components
- The project plan
- Project governance
- Actions and activities
Learning Objectives
By the conclusion of this session delegates will have gained an insight into the new requirements of the Digital Operational Resilience Act. Specifically, they will have addressed:
- Aims and goals
- ICT risk management
- ICT incident management
- Third party ICT risk management
- Digital operational resilience testing
- Penalties and proceedings
Delegates who complete the course will receive a Certificate with equivalent CPD/CPE credits via email; and for those who require an assessment as a demonstration of competency via training a 20 multiple-choice questions and answers quiz, remotely invigilated with results report and 1 resit, is available at no additional charge when requested at time of reservation.
Social Learning & Methods
Highly interactive expert-led intensive presentation, Q&A, group real-time in-depth case studies, regulation and discussion supported by key principles and theory. The virtual learning platform uses safe, industry preferred encrypted Cisco WebEx to optimize live face-to-face visual interaction, discrete chat, for polling and quizzes.
(An invitation via email with access link is included for all participants.)
Registration
NEW Digital Operational Resilience Act (DORA) – Regulation and Impact
Course Fee
Apply 10% discount code RISK10 by December 15, 2024 at check-out
Course Fee (per person):
GBP £2,995.00 (+ UK VAT when applicable)
Get in touch and see how Risk Reward can help you
Our London and Miami teams are ready to listen carefully to your needs, take the brief, explore options, offer suggestions and help you in a professional and friendly manner.