DOReAdy

Discover what DOReAdy is all about with this 32 seconds’ video.

IN A NUTSHELL…

“DOReAdy” ALLOWS YOU TO:

FOR FINANCIAL INSTITUTIONS UNDER THE SCOPE OF THE DIGITAL OPERATIONAL RESILIENCE ACT AND FOR CONSULTING COMPANIES POSITIONING CONSULTANTS ON DORA PROJECTS:

  • Concerning “DORA compliance” internal projects, DOReAdy provides you with a mapping of the DORA text in order to easily identify:

    • the Strategic-related categories to address regarding:

      • scope identification (and its related themes)

      • requested decisions (and its related themes)

      • requested controls (and its related themes)

    • the Risk-related categories to address regarding:

      • assessment (and its related themes)

      • monitoring (and its related themes)

      • testing (and its related themes)

    • the Legal-related categories to address regarding:

      • pre-contractualization

      • during contract

      • termination

    • For all the above:

      • the identification numbers of the associated DOReAdy items

      • the exact words from the DORA text associated with each DOReAdy item

FOR FINANCIAL INSTITUTIONS UNDER THE SCOPE OF THE DIGITAL OPERATIONAL RESILIENCE ACT:

  • For preparation of DORA audits, in addition to the above, DOReAdy provides you with:

    • additional Strategic and Risk-related compliance guidelines for :

      • wording adaptation with the auditors

      • priority matrix followed by auditors

"ONE LOOK IS WORTH A THOUSAND WORDS" (FRED R. BARNARD)

* * *

"ONE LOOK IS WORTH A THOUSAND WORDS" (FRED R. BARNARD) * * *

Example from the DOReAdy Methodology Matrix

Here is an example of the “Testing” category related to Risk. The Testing category contains multiple themes, including one called “Framework”, which contains the greatest number of DOReAdy items and is consequently the most important theme to implement. The DOReAdy item #119 is listed under this “Framework” theme.

Now using the mapping table, you can easily retrieve the DOReAdy item #119, the associated exact words from the DORA text, as well as be able to retrieve the chapter, article, and paragraph where these words are located in the text.

The contents of the DOReAdy Methodology Matrix are made available through our secured DOReAdy Member Site.

"EITHER WRITE SOMETHING WORTH READING, OR DO SOMETHING WORTH WRITING" (BENJAMIN FRANKLIN)

* * *

"EITHER WRITE SOMETHING WORTH READING, OR DO SOMETHING WORTH WRITING" (BENJAMIN FRANKLIN) * * *

PUBLISHED CYBERSEC AT HAND’s CONSULTATION FOR GOVERNMENTAL ORGANIZATIONS

The linked document is a public consultation by the European Supervisory Authorities in which CYBERSEC AT HAND participated regarding the second batch of the Digital Operational Resilience Act (DORA)’s RTS and ITS. It addresses the following:

  • the content of the notification and reports for major incidents and significant cyber threats

  • determining the time limits for reporting major incidents

  • the standard forms, templates and procedures for financial entities to report a major incident

  • the standard forms, templates and procedures for financial entities to notify a significant cyber threat