Skip to content
Home / Function (NIST CSF 2.0) / RC - Recover / Cyber Resilience

EU Regulation 2022/2554 Digital Operational Resilience Act (DORA)

This document focuses on:

The EU Digital Operational Resilience Act (DORA) is a regulation that came into effect on January 17, 2025, aimed at strengthening the digital resilience of financial entities across the EU. It mandates banks, insurance companies, investment firms, and other financial institutions to implement comprehensive ICT risk management frameworks to withstand, respond to, and recover from ICT-related disruptions such as cyberattacks or system failures. DORA harmonizes operational resilience rules across the EU, covering both financial entities and critical ICT third-party service providers, ensuring consistent cybersecurity standards and reducing regulatory fragmentation. It requires institutions to establish robust incident reporting, risk management, and oversight mechanisms, with enforcement by national authorities and European Supervisory Authorities. The act is part of the EU’s broader digital finance strategy to support innovation while safeguarding financial stability and consumer protection.


Publication's URL

https://eur-lex.europa.eu/eli/reg/2022/2554/oj/eng

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

What do you think of this document?

Your email address will not be published. Required fields are marked *