{"id":217,"date":"2024-08-04T06:52:42","date_gmt":"2024-08-04T06:52:42","guid":{"rendered":"http:\/\/deka"},"modified":"2025-11-15T08:15:16","modified_gmt":"2025-11-15T08:15:16","slug":"dora-umsetzungshinweise","status":"publish","type":"post","link":"https:\/\/reguvance.com\/en\/dora-umsetzungshinweise\/","title":{"rendered":"DORA: BaFin publishes implementation instructions"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"217\" class=\"elementor elementor-217\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3ba1ac8c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3ba1ac8c\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-626c7c1d\" data-id=\"626c7c1d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-591008cd elementor-widget elementor-widget-text-editor\" data-id=\"591008cd\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"whitespace-pre-wrap break-words\">Mit dem Digital Operational Resilience Act (DORA) steht der Finanzbranche eine bedeutende regulatorische Ver\u00e4nderung bevor. Als Ihr verl\u00e4sslicher Partner f\u00fcr IT-Regulatorik und Projektmanagement m\u00f6chte ReguVance Sie \u00fcber die j\u00fcngsten Entwicklungen informieren und Ihnen bei der erfolgreichen Umsetzung zur Seite stehen.<\/p>\n<p class=\"font-600 text-xl font-bold\">Time frame and objectives<\/p>\n<p class=\"whitespace-pre-wrap break-words\">DORA came into force on 16 January 2023 and will be mandatory from 17 January 2025. The aim is to strengthen digital operational resilience in the financial sector through a standardised set of rules for ICT risks and cybersecurity.<\/p>\n<p class=\"font-600 text-xl font-bold\">BaFin's implementation guidance: An overview<\/p>\n<p class=\"whitespace-pre-wrap break-words\">BaFin has developed detailed implementation guidelines in cooperation with Deutsche Bundesbank and industry representatives. These address the following key areas:<\/p>\n<ol class=\"-mt-1 list-decimal space-y-2 pl-8\">\n<li class=\"whitespace-normal break-words\">\n<p>Governance and organisation<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>Information risk and information security management<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>IT operations<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>ICT business continuation management<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>IT project management and application development<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>ICT third party risk management<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>Operational information security<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p>Identity and rights management<\/p>\n<\/li>\n<\/ol>\n<p class=\"font-600 text-xl font-bold\">Key innovations and challenges<\/p>\n<p class=\"font-600 text-lg font-bold\">IKT Business Continuation Guideline<\/p>\n<p class=\"whitespace-pre-wrap break-words\">One major innovation is the introduction of a specific guideline for ICT business continuity. This must contain detailed guidelines for responding to ICT incidents, containment measures and damage assessments.<\/p>\n<p class=\"font-600 text-lg font-bold\">Extended emergency management<\/p>\n<p class=\"whitespace-pre-wrap break-words\">Financial organisations need to expand their contingency management to include new scenarios, including climate change impacts, insider attacks, political and social instability and large-scale power outages.<\/p>\n<p class=\"font-600 text-lg font-bold\">Operational stability and system updates<\/p>\n<p class=\"whitespace-pre-wrap break-words\">DORA requires continuous updating of ICT systems and their stability even during periods of stress - a requirement that goes beyond previous regulations.<\/p>\n<p class=\"font-600 text-lg font-bold\">ICT services and third-party providers<\/p>\n<p class=\"whitespace-pre-wrap break-words\">The definition of ICT services has been expanded, which requires a more comprehensive assessment of all ICT-related third-party relationships.<\/p>\n<p class=\"font-600 text-lg font-bold\">ICT risk control function<\/p>\n<p class=\"whitespace-pre-wrap break-words\">DORA is introducing a new function responsible for the management and monitoring of ICT risks. This goes beyond the role of the previous Information Security Officer (ISO).<\/p>\n<p class=\"font-600 text-xl font-bold\">ReguVance: Ihr Partner f\u00fcr die DORA-Implementierung<\/p>\n<p class=\"whitespace-pre-wrap break-words\">Die Umsetzung von DORA stellt viele Finanzunternehmen vor komplexe Herausforderungen. Als erfahrener Spezialist f\u00fcr IT-Regulatorik und Projektmanagement im Finanzsektor bietet ReguVance Ihnen ma\u00dfgeschneiderte Unterst\u00fctzung:<\/p>\n<ol class=\"-mt-1 list-decimal space-y-2 pl-8\">\n<li class=\"whitespace-normal break-words\">\n<p><strong>Gap analysis<\/strong>We identify gaps between your existing processes and the DORA requirements.<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p><strong>Realisation planning<\/strong>Together we develop a structured roadmap for DORA compliance.<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p><strong>Implementation support<\/strong>Our experienced project managers support you in the efficient implementation of the necessary measures.<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p><strong>Training courses<\/strong>We ensure that your employees are fit for the new requirements.<\/p>\n<\/li>\n<li class=\"whitespace-normal break-words\">\n<p><strong>Continuous counselling<\/strong>Even after implementation, we are at your side for questions and adjustments.<\/p>\n<\/li>\n<\/ol>\n<p class=\"whitespace-pre-wrap break-words\">Wichtig zu beachten ist, dass die bisherigen regulatorischen Anforderungen (xAIT) weiterhin eine wesentliche Grundlage f\u00fcr die DORA-Compliance bilden. ReguVance verf\u00fcgt \u00fcber umfassende Erfahrung in beiden Bereichen und kann Sie so optimal bei der Integration der neuen Anforderungen in Ihre bestehenden Strukturen unterst\u00fctzen.<\/p>\n<p class=\"whitespace-pre-wrap break-words\">Let us develop and implement your DORA strategy together. Contact us today for a non-binding consultation.<\/p>\n<p><!-- \/wp:paragraph --><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Mit dem Digital Operational Resilience Act (DORA) steht der Finanzbranche eine bedeutende regulatorische Ver\u00e4nderung bevor. Als Ihr verl\u00e4sslicher Partner f\u00fcr IT-Regulatorik und Projektmanagement m\u00f6chte ReguVance Sie \u00fcber die j\u00fcngsten Entwicklungen informieren und Ihnen bei der erfolgreichen Umsetzung zur Seite stehen. Zeitlicher Rahmen und Zielsetzung DORA trat am 16. Januar 2023 in Kraft und wird ab [&hellip;]<\/p>","protected":false},"author":1,"featured_media":215,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-217","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-create-business"],"_links":{"self":[{"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/posts\/217","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/comments?post=217"}],"version-history":[{"count":7,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/posts\/217\/revisions"}],"predecessor-version":[{"id":752,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/posts\/217\/revisions\/752"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/media\/215"}],"wp:attachment":[{"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/media?parent=217"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/categories?post=217"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/reguvance.com\/en\/wp-json\/wp\/v2\/tags?post=217"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}