This course offers an intermediate to advanced exploration of the Digital Operational Resilience Act (DORA), combining self-paced video modules with self-evaluation quizzes, a live kick-off and two live exercise classes. The first part lays the foundations, covering DORA’s background, aims, scope, definitions, the proportionality principle and its pillars. The second part turns to ICT risk and incidents, addressing governance, the ICT risk management framework, the classification and reporting of incidents, and a live exercise. The third part examines digital operational resilience testing (with a focus on TLPT and TIBER-EU), the oversight of critical ICT third-party providers, and information-sharing arrangements, closing with a second live exercise.
1. Foundations
M0. Kick-off: recap of cyber key notions and self-evaluation (live)
M1. High-level summary of DORA: scope, definitions, proportionality, pillars
2. ICT risk and incidents
M2. Governance and the ICT risk management framework
M3. ICT-related incident management: classification and reporting
M4. Live exercise: ICT risk management in practice
3. Testing, third-party and sharing
M5. Operational resilience testing, with a focus on TLPT (TIBER-EU)
M6. ICT third-party risk and oversight of critical providers (CTPPs)
M7. Information and intelligence sharing
M8. Live exercise: ICT third-party risk in practice
We use cookies to help personalise content and provide a better experience. By clicking Accept all, you agree to this, as outlined in our Cookie Policy. To change preferences or withdraw consent, please update your Cookie Preferences.