NORMA eResearch @NCI Library

Developing a Pre-Readiness Compliance Assessment Framework for Financial Institutions under the EU's Digital Operational Resilience Act (DORA)

Sachdeva, Rishabh (2023) Developing a Pre-Readiness Compliance Assessment Framework for Financial Institutions under the EU's Digital Operational Resilience Act (DORA). Masters thesis, Dublin, National College of Ireland.

PDF (Master of Science)
PDF (Configuration manual)

Abstract

The EU Digital Operational Resilience Act (DORA) is set to become a crucial regulatory framework designed to enhance the operational resilience and cybersecurity measures within the financial services sector. By the fourth quarter of 2024, financial services regulators will require firms to fully comply with all new requirements set forth by DORA. Non-compliance will lead to substantial fines and penalties. This regulation imposes strict mandates in various areas such as ICT risk management, incident reporting, digital operational resilience testing, managing third-party risks, and information sharing. This research focuses on developing a Pre-Readiness Compliance Assessment Framework that enables financial institutions to effectively assess, quantify, and evaluate their current capabilities and potential gaps in their compliance levels in relation to the DORA requirements. Our framework primarily features a comprehensive control database aligned with DORA's requirements to conduct a gap analysis. Each control is evaluated on a compliance scale, offering a quantifiable measure of an institution's current capabilities. To facilitate this, a specialized compliance management tool is employed to generate a shareable assessment questionnaire, enabling financial institutions to easily conduct evaluations on their own. The results are then translated into intuitive visual dashboards via Power BI, offering insights into an institution's compliance level. This approach not only aids financial entities in identifying their readiness and potential gaps but also gives insights for developing a roadmap for achieving full compliance with DORA's regulations.

Item Type: Thesis (Masters)
Supervisors: Sahni, Vikas (Email: UNSPECIFIED)
Uncontrolled Keywords: Digital Operational Resilience; DORA; Financial Institutions; ICT Risk Management; Third-Party Risk Management; Compliance Management; Gap Analysis; Operational Resilience
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
J Political Science > JN Political institutions (Europe) > European Union
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 10 Jan 2025 15:28
Last Modified: 10 Jan 2025 15:28
URI: https://norma.ncirl.ie/id/eprint/7299
