Resources Blog

ToolsDORA Compliance Checker

DORA Compliance Checker

Assess your ICT risk management framework against Digital Operational Resilience Act requirements.

DORA (Regulation (EU) 2022/2554) has applied to EU financial entities since 17 January 2025. (Art. 64.)

Compliance Score

0 of 15 requirements metSignificant Gaps

ICT Risk Management

Documented ICT risk management framework approved by management body

Art. 6

ICT risk management function with clear responsibilities

Art. 6(4)

Annual review and update of ICT risk framework

Art. 6(5)

ICT business continuity policy in place

Art. 11

Incident Management

ICT incident classification process established

Art. 17-18

Major incident reporting procedures to competent authorities

Art. 19

Incident root cause analysis procedures

Art. 17(3)

Resilience Testing

ICT testing program covering all critical systems

Art. 24

Vulnerability assessments performed regularly

Art. 25

Threat-led penetration testing (TLPT) at least every 3 years for entities identified by the competent authority

Art. 26(1)

Third-Party Risk

Art. 28(3)

Due diligence process for ICT third-party providers

Art. 28(4)

Contractual arrangements meeting DORA requirements

Art. 30

Exit strategies for critical ICT third-party services

Art. 28(8)

Information Sharing

Cyber threat intelligence sharing arrangements considered (optional/voluntary)

Art. 45

Regulatory Timeline

DORA implementation deadlines

DORA Full Text

Search the regulation

This checklist covers key DORA requirements but is not exhaustive. Full compliance requires detailed assessment against all applicable provisions. Consult with compliance professionals for a complete evaluation.

FinlexPro v.2.0

AI-powered regulatory intelligence for legal and compliance professionals.

Product

Pricing
Request Demo
Integrations
Blog

Solutions

For CASPs
For Banks
For Payments
For Academia

Company

About
Careers
Contact

Regulations

MiCA Guide
DORA Guide
AML Package
All Regulations

Resources

Free Tools
Glossary
FAQ

Legal

Terms of Use
Privacy Policy
Cookie Policy

For informational purposes only. Not legal advice.