Meet DORA regulatory requirements

DORA Pillars


  • The Digital Operational Resilience Act (DORA) was set out by the European Commission and must be implemented by banks, payment institutes, insurers and other financial service providers to improve their resilience against increasing IT risks.
  • Our client, a German-based payment institute, would like to understand the details of DORA and which specific measures need to be carried out. Such measures include additional documentation and processes, but also stronger outsourcing management combined with tools that allow the client to handle cyber attacks on its applications without damage.


  • Review of the internal guidelines regarding payment services supervisory IT requirements (ZAIT) with a focus on IT security
  • Creation of a gap analysis to show deviations between ZAIT and DORA
  • C-level presentation of analysis, results, and recommended activities
  • Decision on follow-up measures
  • Implementation of individual measures to achieve compliance with regulatory requirements
  • Support the internal team in system selection and implementation
  • Tracking of measures and regular information to management



Benefits for Customer

  • Evaluation of the current situation
  • Understanding of required activities
  • Availability of regulatory and compliance experts

Our contribution

  • Availability of experienced compliance and information security experts
  • Assessment of potential gaps
  • Identification of specific measures to fulfill regulatory requirements
  • Provision of specific recommendations based on leading practice