Eine moderne Darstellung eines Computerchips, der von virtuellen Symbolen für DORA umkreist wird

At birkle IT, we adhere to industry standards and implement them!

Compliance is critical to maintaining trust, unlocking new opportunities or avoiding fines.

From data protection to industry-specific requirements – including DORA (Digital Operational Resilience Act), FIDA (Financial Data Access) and the EU Accessibility Act – we ensure that every aspect of your IT environment meets current standards and is ready for future regulatory changes.

What is the Digital Operational Resilience Act (DORA), why is it important and what contribution can birkle IT make?

Increasing digitalization and cyber threats pose major challenges for companies, especially in the financial and insurance sectors. With the Digital Operational Resilience Act (DORA), the European Union has developed a comprehensive set of regulations to ensure that companies are resilient to digital risks. In force since January 17, 2023, DORA must be fully implemented by January 17, 2025.

What is DORA?

DORA creates a uniform regulatory framework that obliges companies to take all necessary measures to protect their digital systems against disruptions and threats and to recover from them quickly. The framework applies to almost all players in the financial sector: from banks and insurance companies to payment service providers and asset managers.

The goals of DORA

  • Strengthening security
    Companies must secure their systems so that they can withstand cyber attacks.

  • Resilience
    Resilience to disruptions and threats is increased through specific measures.

  • Harmonization
    Uniform requirements and reporting guidelines for all EU member states, making the financial market more consistent and transparent.

Virtuelle Darstellung einer Eisenkette, die aus winzigen Punkten besteht

Resistance to cyberattacks

The core areas of the DORA framework

DORA focuses on five key areas that contribute to operational resilience:

  • ICT risk management
    End-to-end view and scenario analyses for possible threats.

  • Incident reporting
    Companies are obliged to document serious incidents and report them to the supervisory authorities.

  • Resilience tests
    Regular tests of critical systems, including penetration tests, are mandatory.

  • Third-party management
    All critical outsourcing service providers, especially IT service providers, must be comprehensively monitored and documented.

  • Information exchange
    Promoting cooperation and the exchange of threat information between financial companies and authorities.

The importance of ICT third party risk management

As many companies outsource IT services to third-party providers, DORA requires that these relationships are closely monitored. Companies must ensure that third-party providers meet the same security and resilience requirements and must analyze and minimize any risks, such as concentration risks.

DORA: A necessary step for the future of the financial sector

DORA is a response to the growing threat of cyberattacks and data leaks. The standardized regulations are not only intended to strengthen security in the financial sector, but also to support Europe’s economic stability. Companies are now required to adapt their structures and processes to the new standards in order to ensure both operational stability and the protection of customer data.

The services of birkle IT in relation to DORA

birkle IT offers regulatory services, IT resilience assessment, strategic IT security solutions, customized workshops & training and comprehensive monitoring as well as comprehensive IT auditing.

As part of an IT resilience assessment, we offer a comprehensive analysis of the resilience of your company’s IT infrastructure. The aim is to identify weak points and recommend improvement measures.

We would be happy to plan a strategy workshop together with you and our IT security experts to implement your regulatory project.

Benefit from our know-how

Have we aroused your interest?

Free initial consultationFree initial consultation