If you are looking to assess and measure your current compliance to DORA we can assist by delivering a gap analysis.

We will work with you to interview key individuals in the organisation, assess your current cyber security arrangements and review your existing policies and procedures for relevancy, effectiveness and efficiency to determine any potential red flag areas that may indicate non-compliance with DORA.

You will receive a detailed gap analysis Report that collates the findings of this assessment, with everything you need to know in order to become compliant.

Having conducted a gap analysis and identified any areas where improvements are required, we can assist with any implementation or remediation activities to ensure you achieve and maintain compliance in the most practical and effective manner.

A key requirements of DORA is the need to undertake threat led penetration testing.

Threat-led penetration testing (TLPT) means a framework that mimics the tactics, techniques and procedures of real-life threat actors perceived as posing a genuine cyber threat, that delivers a controlled, bespoke, intelligence-led (red team) test of the financial entity’s critical live production systems.

As a CREST accredited organisation, we can help to scope and perform your threat led penetration testing in alignment with the requirements of DORA.

Regular training programs to keep all employees informed about the latest cyber security practices and threats, fostering a culture of security awareness.

We can help to implement a cyber security Training & Awareness program or provide you with our Managed Security Awareness service which covers monthly security training, simulated phishing, policy management and email address breach detection.

Implementation of comprehensive plans that cover detection, reporting, response, and recovery from security breaches to minimise potential impacts.

We can help to implement an Incident Response Plan, Incident Response Playbooks and provide Tabletop Exercises to test your response capability.

Assessment of supply chain risks and implementation of security measures to manage and mitigate risks from external suppliers and partners.

We can review your current supply chain security processes including policies, procedures, questionnaires and working practices against best practice. We’ll consider the nature of your organisation and the suppliers you work with and provide ‘right sized’ recommendations for improvement.

Compliance with known security frameworks and certifications such as ISO 27001 can help to support DORA compliance.

We can help to implement ISO 27001 across your business, by building an ISMS, implementing controls, conducting internal audits and supporting certification audits.