Supporting the digital operational resilience of the financial sector : the EU’s DORA Digital Operational Resilience Act
Master Thesis
Author
Karakasilioti, Georgia Maria
Καρακασιλιώτη, Γεωργία - Μαρία
Date
2024-02
Keywords
DORA ; Resilience ; European Union ; Cyber security ; Operational resilience ; Financial entities
Abstract
This dissertation examines the effects and execution of the Digital Operational Resilience Act (DORA) in the financial sector of the European Union. DORA is a substantial legislative initiative aimed at harmonising the handling of Information and Communication Technology (ICT) risks among EU financial institutions to enhance the sector's resilience against ICT-related disruptions and threats.
The analysis outlines DORA's goals, highlighting its function in ICT risk management, incident reporting, digital operational resilience testing, third-party risk management, and information sharing within financial institutions. It emphasises the reasoning behind DORA, namely the growing interconnectedness of financial services and the increasing frequency of cyber threats.
The following chapters analyse the framework in depth, covering its historical background, legal structure, and essential elements. An analysis of ICT risk management strategies highlights DORA's criteria for financial institutions, exploring the development of strong ICT risk management frameworks, incident reporting procedures, resilience testing, and oversight of third-party ICT service providers.
An analysis of "Bank X" showcases the practical use of the DORA Assessment Tool, highlighting how financial institutions can assess and improve their adherence to DORA regulations. This segment highlights the significance of preparation, teamwork, and a structured evaluation process in pinpointing compliance deficiencies and opportunities for enhancement.
The dissertation discusses the ongoing development of DORA, highlighting recent updates and improvements designed to enhance the digital operational resilience of the financial sector. These modifications demonstrate the evolving nature of digital finance, integrating the most recent technological innovations and emerging obstacles.
Ultimately, it is suggested that financial institutions should prioritise continuous compliance monitoring, improve risk management practices, invest in incident response capabilities, and strengthen third-party risk management to adhere to DORA guidelines. Financial entities can enhance their resilience against digital risks and ensure operational stability and continuity by following these recommendations to comply with regulatory requirements.
This thorough examination of DORA and its execution offers valuable insights for policymakers, financial institutions, and academics, aiding in a better comprehension of the framework's impact on improving the digital operational resilience of the EU's financial sector.