Digital Operational Resilience Act Compliance Checklist

This document is a checklist intended to assist financial services organizations in complying with the European Union’s Digital Operational Resilience Act (DORA). DORA mandates that these organizations enhance their cybersecurity resilience by January 17, 2025, particularly in response to vulnerabilities in the application layer, which has become a frequent target for cyberattacks. The checklist outlines essential measures that organizations should implement, including establishing a robust network and infrastructure management structure, detecting anomalous activities, and conducting regular vulnerability assessments and security tests. It emphasizes the importance of having the necessary technology and processes in place to monitor third-party risks and perform various types of security assessments. The document also notes that while it provides guidance, it does not constitute legal advice, and organizations are encouraged to consult with legal professionals for compliance matters.