← Back to regulations
Regulation
DORA (Digital Operational Resilience Act)
Regulation (EU) 2022/2554
CybersecurityTech Law
Jurisdiction
European Union
Date
Jan 17, 2025
Status
In Force
Source
legaldatahunter
Legislative Body
European Parliament and Council
Enacted
Dec 27, 2022
Effective
Jan 17, 2025
Type
legislation
Relevance
87%
Summary
Establishes a comprehensive ICT risk management framework for the EU financial sector. Requires financial entities to implement ICT risk management, conduct regular resilience testing including threat-led penetration testing, report ICT-related incidents, manage third-party ICT service provider risk, and participate in information sharing.