Procurement Reimagined

Everything You Need to Know About DORA



We dive deep into the Digital Operational Resilience Act with Liam Mckenna, Partner at Mazars and Austin Kelly from Mazars. If you would like to work with Liam and Austin, please contact them here.

 

Book a call with a Vendor and Contract Management Expert here - https://www.gatekeeperhq.com/book-gk-demo-step-1

 

GATEKEEPER'S GUIDE TO VENDOR LIFECYCLE MANAGEMENT Actionable checklists, tips and best practices. Download the ebook now for FREE: https://www.gatekeeperhq.com/free-vendor-management-ebook

 

Contact Liam from Mazars here: https://www.mazars.com/Users/our-team/liam-mckenna

 


 

DORA (Digital Operational Resilience Act) is a new regulation that aims to address the increased digital risk organisations face. It focuses on five key pillars, including ICT risk management, incident management and reporting, digital operational resilience testing, and third-party risk. Non-compliance with DORA can damage an organisation's relationship with regulators and lead to remediation programs and penalties. Organisations need to start preparing for DORA compliance by scoping the project, conducting a gap analysis, developing a roadmap, and implementing mitigation actions. Key challenges include weaknesses in IT risk management, lack of asset management, and the need for standardised contract clauses. Organisations should take DORA seriously and not just treat it as a compliance project. They should invest in ongoing risk assessments, engage with third parties, and commit to implementing robust controls.

Key Takeaways

- DORA is a new regulation that addresses the increased digital risk faced by organisations.

- It focuses on five key pillars: ICT risk management, incident management and reporting, digital operational resilience testing, and third-party risk.

- Non-compliance with DORA can damage an organisation's relationship with regulators and lead to penalties.

- Organisations must start preparing for DORA compliance by scoping the project, conducting a gap analysis, developing a roadmap, and implementing mitigation actions. Challenges include weaknesses in IT risk management, lack of asset management, and the need for standardised contract clauses.

- Organisations should take DORA seriously, invest in ongoing risk assessments, engage with third parties, and commit to implementing robust controls.

Chapters

00:00 Introduction

00:55 Overview of DORA

06:09 Non-Compliance and Penalties

09:44 Preparing for DORA Compliance

13:16 Challenges in DORA Compliance

25:25 Key Considerations and Conclusion


Procurement Reimagined, by Gatekeeper
