HomeCyber BalkansSpeeding Up the Compliance Process for CIOs taking the DORA Test

Speeding Up the Compliance Process for CIOs taking the DORA Test

Published on

spot_img

The delay in the implementation of Regulatory Technical Standards (RTS) is causing concerns among experts in the financial and IT industries. According to Giancarlo Butti, an auditor and privacy/security expert, the incomplete regulatory process has left financial entities in a difficult position. While some delegated regulations have been released, others are still pending, leading to uncertainty and additional work for organizations. For example, financial entities redefining contracts with suppliers may need to later amend them to incorporate requirements related to managing relationships with subcontractors.

It is crucial for financial entities to carefully assess the risk associated with their entire supply chain, as the impact of the Digital Operational Resilience Act (DORA) extends beyond just financial institutions to the entire ICT supply chain. The complexity of DORA lies not only in the text itself but also in the practical steps required for compliance.

Davide Baldini, a lawyer and partner at ICT Legal Consulting, highlights the clarity of DORA as a regulation that applies uniformly across all EU countries and provides detailed provisions. In comparison, the NIS2 directive allows more flexibility for member countries in its implementation. DORA’s prescriptive nature makes compliance challenging in terms of time, human resources, and financial investments needed.

The uncertainty surrounding the arrival of all delegated regulations adds to the challenges faced by organizations aiming to comply with DORA. The need to align existing contracts and procedures with the forthcoming regulations increases the workload for financial entities and their partners in the supply chain. This delay not only impacts the financial sector but also has indirect consequences for the broader ICT industry.

As organizations navigate the complexities of DORA and await the full set of regulations, they must allocate resources effectively to ensure timely and comprehensive compliance. The evolving regulatory landscape highlights the importance of proactive risk management and collaboration across the supply chain to enhance overall operational resilience. The impact of DORA goes beyond mere regulatory compliance and underscores the need for a holistic approach to cybersecurity and data protection in the financial and ICT sectors.

Source link

Latest articles

When AI Agents Transform into Your Next Supply Chain Threat

When AI Agents Become Your Next Supply Chain Attack In an era where technology continues...

AWS GovCloud Credential Leak Prompts CISA to Share Important Cyber Incident Lessons

The Cybersecurity and Infrastructure Security Agency (CISA) has recently made public the details surrounding...

Webinar: The Infrastructure Decisions Shaping the Next Five Years

Webinar Explores Infrastructure Decisions Shaping the Next Five Years In a recent webinar titled "The...

Blip – Free Cross-Platform File Sharing App

New File-Sharing Application 'Blip' Revolutionizes Device-to-Device Transfers A groundbreaking file-sharing application named Blip has emerged,...

More like this

When AI Agents Transform into Your Next Supply Chain Threat

When AI Agents Become Your Next Supply Chain Attack In an era where technology continues...

AWS GovCloud Credential Leak Prompts CISA to Share Important Cyber Incident Lessons

The Cybersecurity and Infrastructure Security Agency (CISA) has recently made public the details surrounding...

Webinar: The Infrastructure Decisions Shaping the Next Five Years

Webinar Explores Infrastructure Decisions Shaping the Next Five Years In a recent webinar titled "The...