Abstract

This IDC Perspective provides an overview of key drivers for digital operational resilience, proposed regulatory requirements for the EU Digital Operational Resilience Act (DORA), the new operational resilience rules in the U.K., and key considerations for financial organizations when preparing for the new regulations. The aim is to create a comprehensive regulatory framework on digital operational resilience as ICT risks continue to pose a challenge to the performance and stability of the European financial system.

The aim is to create a comprehensive regulatory framework on digital operational resilience for the financial services sector given disruptions from cyberattacks, technology outages, unexpected events, and financial services institutions' increasing reliance on technology and technology service providers to operate their businesses.

"DORA introduces to the EU financial sector a unified set of requirements for digital operational resilience. Greater governance of security and risk management, ICT incident reporting, and operational resilience testing will truly challenge the industry," said Maria Adele Di Comite, research director for IDC Financial Insights. "Financial entities cannot afford to wait for the political process to conclude but should already consider what a successful implementation will require."

Coverage