DORAedge Documentation
  • Feature Descriptions
  • Regulatory Overview
    • Chapter I: Scope & Descoping (Articles 1-4)
    • Chapter II: ICT Risk Management (Articles 5-16)
    • Chapter III: Incident Reporting (Articles 17-23)
    • Chapter IV: Digital Operational Resilience Testing (Articles 24-27)
    • Chapter V: Managing of ICT third-party risk (Articles 28-44)
    • Chapter VI: Information-sharing Arrangements (Article 45)
    • Chapter VII: Competent Authorities (Articles 46-56)
      • Competent Authorities
    • Chapter VIII: Delegate Acts (Article 57)
    • Chapter IX: Transitional and Final Provisions (Articles 58-64)
  • Exportable Documents in DORAedge
  • Resource Center
    • IT Security Overview
    • Terms & Conditions
    • Data Processing Agreement (DPA)
Powered by GitBook
On this page
  1. Regulatory Overview

Chapter I: Scope & Descoping (Articles 1-4)

How DORAedge enables compliance with DORA

Introduction

Chapter I of DORA lays the groundwork for the digital operational resilience standards that financial entities must meet under this regulation. It introduces the overall goals, scope, and key definitions, ensuring that all financial institutions—regardless of size—are equipped to maintain secure and resilient operations.

Below is a breakdown of how DORAedge supports financial entities in adhering to these fundamental provisions.

Article 1: Subject Matter

DORAedge is designed to help financial entities meet the new standardized requirements for digital operational resilience. By providing a centralized platform for ICT risk management, incident reporting, and third-party risk oversight, DORAedge simplifies compliance with key regulatory provisions. The platform ensures that financial entities maintain effective governance while streamlining operational processes and improving transparency.

How DORAedge Assists:

  • Comprehensive ICT risk management and reporting tools.

  • Support for incident reporting and digital resilience testing.

  • Centralized management of ICT third-party service providers and contracts.

Article 2: Scope

DORAedge is built to accommodate the operations of a diverse range of financial entities, from credit institutions to crypto-asset service providers. The platform adapts to each entity's unique compliance requirements, helping organizations across the financial sector maintain operational integrity and digital resilience.

Entities DORAedge Can Support:

  • Credit institutions

  • Payment institutions

  • Account information service providers

  • Electronic money institutions

  • Investment firms

  • Crypto-asset service providers

  • Central securities depositories

  • Central counterparties

  • Trading venues

  • Trade repositories

  • Alternative investment fund managers

  • Management companies

  • Data reporting service providers

  • Insurance and reinsurance undertakings

  • Insurance intermediaries and ancillary insurance intermediaries

  • Institutions for occupational retirement provision

  • Credit rating agencies

  • Crowdfunding service providers

  • Securitization repositories

  • ICT third-party service providers

How DORAedge Assists:

  • A flexible architecture that supports a wide variety of financial entities.

  • Scalable features tailored to the specific needs of different business models.

Article 3: Definitions

No applicable DORAedge assistance required.

Article 4: Proportionality Principle

DORAedge ensures that its tools are scalable and adaptable to the size, risk profile, and complexity of each regulated financial entity. The platform supports proportional implementation of ICT risk management and compliance measures, offering tailored solutions that meet the specific needs of every entity, from small firms to large financial institutions.

How DORAedge Assists:

  • Scalable features that adjust to the size and risk profile of the financial entity.

  • Tools that match the complexity and scope of each organization’s operations.

  • A dedicated tier for microenterprises, offering simplified controls and reduced overhead, all at a lower cost.

PreviousRegulatory OverviewNextChapter II: ICT Risk Management (Articles 5-16)

Last updated 6 months ago