Feature Descriptions

Introduction

Welcome to DORAedge, your comprehensive solution for ensuring compliance with the Digital Operational Resilience Act (DORA). This guide will help you navigate through the platform’s features and functionalities, ensuring a smooth and efficient experience. DORAedge is designed to simplify the complex requirements of DORA, providing you with the tools and insights necessary to maintain operational resilience in the face of digital risks.

Getting Started

Sign-Up and Onboarding

Self-Service Organization Creation

DORAedge allows for seamless self-service organization creation using Auth0. This ensures that your entity is set up securely and efficiently, aligning with DORA’s emphasis on robust identity and access management.

Database Provisioning and Migrations

Automated processes for database setup and migrations ensure that your data is managed securely and efficiently. This is crucial for compliance with DORA's requirements on data integrity and availability.

Low-Touch Sign Up and Billing

Our streamlined sign-up and billing processes minimize manual intervention, reducing the risk of human error and ensuring compliance with DORA’s operational resilience requirements.

Onboarding Checklist

Follow a step-by-step onboarding checklist on the "Get Started" page to ensure all necessary information and configurations are completed. This checklist is designed to help you quickly meet DORA’s requirements for ICT risk management and governance through completing essential tasks such as entering company information, entity creation, provider setup, and establishing contractual relationships.

Supply Chain Network Management

Entities and Branches

Entities Page

The Entities Page allows you to add and edit entities with full functionality. This is essential for maintaining an up-to-date record of all entities involved in your ICT operations, as required by DORA.

Branches Page

Identify various operational or jurisdictional branches within entities to accurately define relationships and risks.

Function and Systems

Functions Page

Track licensed activities that are either managed in-house or outsourced to external providers as well as the criticality to your operations.

ICT Systems Page

Catalog internal systems and assess associated risks annually. This feature helps you comply with DORA’s requirements for maintaining an inventory of ICT assets and assessing their associated risks. A decision is pending on whether to create a new UI for internal systems or update the existing Contracts page.

Providers and Contract Management

Providers Page

Manage your providers efficiently by adding and editing provider information. This feature helps you comply with DORA’s requirements for managing third-party ICT service providers and ensuring their operational resilience.

Contracts Page

Manage contracts with versioning, UI, and backend updates. This feature allows you to create, list, and deactivate contracts, ensuring compliance with DORA’s requirements for managing contractual relationships with ICT service providers.

Compliance Monitoring

Health Page

The Health Page features interactive widgets that display various metrics related to your organization's operational health. This gives an easy-to-monitor overview of the general health of your compliance with DORA. This aligns with DORA’s requirement for continuous monitoring.

Control & Policy Management

Policies and Controls

Policies Page

Upload and manage mandatory documents required by regulators. This ensures you have all necessary documentation in place to demonstrate compliance with DORA’s ICT risk management framework.

Documents

A list of approximately 20 suggested documents is provided to help you achieve comprehensive compliance. These documents cover various aspects of ICT risk management, operational resilience, and incident reporting, as outlined in DORA. Link documents (e.g., policies) to specific controls and update them in real-time on the dashboard.

Document Review and Approval

Notifications will trigger when it is time to review critical documents in alignment with regulatory requirements. ACL controls will enable review approvals by Management- and Board-level users. This feature ensures that your documentation is always current and aligned with DORA’s requirements for ongoing risk assessment and management.

Risk Management

Risks Page

Identify, assess, and mitigate future risks through risk profiling and defining treatment plans. Risks can be added and edited individually as well as represented through visualizations that showcase risks in aggregate. This feature provides detailed insights into your risk landscape, helping you comply with DORA’s requirements of implementing a comprehensive ICT risk management framework with continuous monitoring and reporting of ICT risks.

Incident Management

Incidents Tracking and Logging

The Incidents Page provides example workflows for managing major and non-major incidents. AI tooling is integrated into this feature to notify of and log Incidents, categorize criticality, and populate descriptions based upon the initial notification, and there is comprehensive field inclusion to ensure all necessary information is captured.

Incidents Reporting

Incidents are timestamped, creating a timeline of truth, and notifications are enabled for all subsequent reporting requirements, from initial notification and filing to final report. Incident reports can be sent directly to Competent Authorities at the required interval. This aligns with DORA’s requirements for incident reporting and management, ensuring timely and accurate reporting of ICT-related incidents.

Operational Tools

Audits and Logs

Audits Page

The Audits Page serves as a placeholder for the yearly checks required by financial entities. This feature will help you comply with DORA’s requirements for regular audits and assessments of your ICT risk management framework.

Logs

Maintain comprehensive logs of all activities for auditing and compliance purposes. This feature ensures that you have a detailed record of all actions taken, helping you meet DORA’s requirements for traceability and accountability.

User Management

People Management

People Page

Add and delete team members, and assign roles and responsibilities with the appropriate ACLs in place. This feature helps you manage your team and external stakeholders effectively, ensuring that all roles and responsibilities are clearly defined and aligned with DORA’s requirements for governance and oversight.

Profile Settings

Profile Page

The Profile Page provides basic profile settings and descriptions functionalities. The user-friendly interface allows you to update profile information easily, ensuring that all user data is current and accurate, as required by DORA.

AI and Automation

DORAedge Assistant

The DORAedge Assistant chat feature provides a custom-trained model for contextual answers and policy reviews. This feature helps you navigate complex regulatory requirements and ensures that your policies are aligned with DORA’s standards.

Regulatory Model

Access to all guidance materials and proprietary training material ensures that you have the latest information on regulatory requirements and best practices. This feature helps you stay compliant with DORA and other relevant regulations.

AI Features

The AI features include prefilled forms for contracts, risks, and incidents, with the ability to query the model for explanations. This feature ensures that your documentation is accurate and compliant with DORA’s requirements for ICT risk management and reporting.

Conclusion

DORAedge is designed to simplify compliance with DORA, providing robust features and an intuitive interface. Stay tuned for future updates as we continue to enhance the platform to meet your operational resilience needs.

With DORAedge, you can be confident that your organization is well-equipped to manage digital risks and maintain operational resilience in compliance with DORA.