Examining compliance requirements under the EU’s Digital Operational Resilience Act (DORA) for the financial sector
| dc.contributor.advisor | Gritzalis, Stefanos | |
| dc.contributor.advisor | Γκρίτζαλης, Στέφανος | |
| dc.contributor.author | Skiadioti, Maria - Fani | |
| dc.contributor.author | Σκιαδιώτη, Μαρία - Φανή | |
| dc.date.accessioned | 2025-02-26T10:11:09Z | |
| dc.date.available | 2025-02-26T10:11:09Z | |
| dc.date.issued | 2025-02 | |
| dc.identifier.uri | https://dione.lib.unipi.gr/xmlui/handle/unipi/17509 | |
| dc.format.extent | 73 | el |
| dc.language.iso | en | el |
| dc.publisher | Πανεπιστήμιο Πειραιώς | el |
| dc.rights | Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/gr/ | * |
| dc.title | Examining compliance requirements under the EU’s Digital Operational Resilience Act (DORA) for the financial sector | el |
| dc.type | Master Thesis | el |
| dc.contributor.department | Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών Συστημάτων | el |
| dc.description.abstractEN | The current essay strives to critically examine the regulatory requirements under Regulation (EU) 2022/2554 of the European Parliament on digital operational resilience for the financial sector (DORA) that is framed by and aims to set out uniform requirements for the security of networks and information systems of entities operating in the financial sector including ICT third-party service providers. In that direction, the European Supervisory Authorities (ESAs), namely the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPSA), and the European Security and Markets Authority (ESMA), in consultation with the European Union Agency on Cybersecurity (ENISA), are in the process of developing common regulatory technical standards (RTS) to both ensure the harmonization of ICT risk management tools, methods, processes and policies and provide a simplified ICT risk management framework for financial entities under its scope. Further on this, while DORA provides a sector specific focus, it can leverage methodologies and global applicability and this synergy is encouraged throughout its documentation. Under that prism, the essay looks into these requirements and also addresses the collaborative relevance of existing standards and frameworks namely the ISO/IEC standards regarding the management of risks, ensuring business continuity and protection of information assets and the Threat Intelligence-Based Ethical Red Teaming (TIBER)-EU framework developed by the European Central Bank (ECB) to test and improve the cyber resilience of financial infrastructures and institutions, in an effort to consolidate the key points of this pivotal regulatory framework. The core elements of this review constituted an aggregated checklist tool for high-level compliance monitoring. The tool also serves as a simplified risk assessment ultimately resulting in an Overall Residual Risk Score and a Planning process that ranks risks from highest to lowest that could, in conjunction with an Audit Universe, lead to an Audit Plan. | el |
| dc.contributor.master | Ασφάλεια Ψηφιακών Συστημάτων | el |
| dc.subject.keyword | Digital Operational Resilience Act (DORA) | el |
| dc.subject.keyword | DORA Compliance | el |
| dc.subject.keyword | Financial Sector ICT Compliance | el |
| dc.subject.keyword | Regulatory Technical Standards (RTS) | el |
| dc.subject.keyword | DORA Compliance checklist | el |
| dc.subject.keyword | DORA Compliance high-level assessment | el |
| dc.date.defense | 2025-02-24 |
Αρχεία σε αυτό το τεκμήριο
Αυτό το τεκμήριο εμφανίζεται στις ακόλουθες συλλογές
-
Τμήμα Ψηφιακών Συστημάτων
Department of Digital Systems
Εκτός από όπου διευκρινίζεται διαφορετικά, το τεκμήριο διανέμεται με την ακόλουθη άδεια:
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα