Search
Close this search box.

Are you the victim of a security incident? Contact our CERT

Training

The DORA regulation on digital operational resilience and cyber risk

This training course is designed to meet the requirements mentioned in article 5.4 of the DORA regulation. It aims to provide management bodies with the knowledge and skills they need about governance, contracts with ICT service providers, ICT risk management and the impact on operations.​

It includes:​

  • Cyber news as it is induced by DORA​
  • The fundamentals of DORA​
  • A reminder of the “Risks – Measures – Controls” trio and the essentials of Cyber risk management​
  • What it takes to move your organization towards compliance

Course overview

  • Understand the main objectives of the DORA regulation​
  • Make management accountable for meeting regulatory obligations​
  • Identify matrix concepts and notions​
  • Master the impact of the DORA regulation on contracts (pre-contractual phase and dedicated clauses)​

Course Curriculum

ICT risk management

  • Limit disruption caused by incidents with appropriate risk management and monitoring systems
  1. Document the ICT risk management framework
  2. Identify the most critical service providers
  3. Mapping risks to establish mitigation measures

ICT incident reports

  • Enhance the ICT incident management system to ensure an effective response to current threats
  1. Update and improve existing systems using monitoring and testing data

Digital operational resilience test

  • Test the effectiveness of the ICT risk management framework by testing systems and responding to threats with minimum impact
  1. Document the methods implemented to counter risks and achieve resilience objectives
  2. Document business continuity and recovery plans
  3. Conduct penetration tests

Risk management for third-party ICT service providers

  • Propose a holistic vision of the management of ICT service providers, particularly providers of critical and important functions
  1. Document a risk strategy for third-party ICT service providers
  2. Comply with the pre-contractual requirements : identification and assessment
  3. Set minimum contractual requirements
  4. Update a register of contracts related to ICT service providers

Sharing information and intelligence

  • Define a communication strategy to promote the sharing of information on cyber threats between financial entities
  1. Gather informations on cyber threats
  2. Contribute to information sharing between financial entities
  3. Train managers and employees on digital operational resilience

Method of Assessment

End-of-session quiz to assess the knowledge acquired

Training benefits

  • Industry-specific training provided by a regulatory compliance expert and by a lawyer with expertise in IT, compliance and security​
  • Recommandations and keys for what’s next

Who should attend?

  • Top management
  • Any collaborator involved in the DORA regulation, on an occasional or permanent basis

Entry Requirements

No prerequisites

How and when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 10 working days before the start of the training.

Accessibility

Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.

If you need compensation or adaptation for the content, the supports, the “venue”, the material used, the schedules, the rhythm, we are at your disposal.

Duration

2 hours

Price

Contact us

Financing

OPCO support

Download the training sheet in PDF format

Would you like more information?

+33 (0)2 55 59 01 11

Almond commits itself to ensure that the collection and processing of your data, carried out from the site https://almond.eu/, are in conformity with the General Data Protection Regulation (GDPR) and with the modified law n° 78-17 of January 6, 1978, relating to the protection of personal data. The information collected on this form is recorded in a file computerized by Almond, in order to answer the requests for information. You can access the data concerning you, ask for their correction or their deletion. You also have a right of opposition, and a right to limit the processing of your data (see cnil.fr for more information on your rights). You can exercise your rights by contacting Almond's Data Protection Officer at the following address: [email protected]. Your data will be kept within the European Union, in accordance with the regulations in force.