Digital Operational Resilience Act Compliance Framework

This white paper outlines Duck Creek's approach to compliance with the Digital Operational Resilience Act (DORA), which mandates stringent requirements for managing ICT risks. The document details Duck Creek's Enterprise Risk Management (ERM) Framework, designed to address ICT risks efficiently and comprehensively. It includes strategies, policies, and procedures necessary to protect information and ICT assets. The paper explains how Duck Creek's infrastructure is designed for operational resilience, incorporating redundancy and high availability measures to ensure service continuity. Additionally, it describes the company's disaster recovery plan, which includes regular backups and testing to ensure effective incident response. The document also highlights security measures in place to protect against unauthorized access and data breaches, emphasizing compliance with industry standards. The continuous improvement of incident management practices is discussed, ensuring alignment with DORA's evolving requirements. Overall, the white paper presents a comprehensive view of Duck Creek's commitment to operational resilience and regulatory compliance.