Adaptation to DORA: Experiences Compared
Course
Francesco Puccioni of Credem Banca, Pasquale De Rinaldis of Iccrea Banca and Giovanni Lamberti of Mooney share practical DORA implementation experiences across different financial institution sizes.
This session brings together IT security leaders from financial institutions of various sizes to share their practical experiences adapting to DORA - the EU regulation effective January 2025 that harmonizes ICT risk management requirements across European financial entities. The discussion explores real-world implementation challenges and solutions across different organizational contexts.
Key discussion points include:
- Navigating regulatory complexity while working with draft technical specifications and building on existing frameworks;
- Involving internal functions (procurement, legal, supply chain) and communicating effectively with board-level management;
- Adopting TLPT (Threat Led Penetration Testing) and automating vulnerability assessments while balancing detection with remediation capabilities;
- Distinguishing between first- and second-level security functions and integrating ICT risk management into daily operations;
- Adapting control functions to maintain independence while enhancing technical competencies for effective risk assessment.
Here is the course outline:
Adaptation to DORA: Experiences Compared |
Completion
The following certificates are awarded when the course is completed:
 |
CPE Credit Certificate |