The most important challenges
The authors of the research attributed this partially to the late publication of the technical requirements, along with the in depth element of the rules. In keeping with the German Affiliation of Insurers (GDV), some technical particulars of DORA stay unclear, particularly regarding administration of third-party dangers. Beneath DORA, monetary firms should handle each inside data and communication expertise (ICT) dangers and dangers from third-party suppliers and their subcontractors.
“For contract administration with service suppliers, the excellent specs for subcontracting should be finalized rapidly,” says Jörg Asmussen, common supervisor of the GVD.
Ron Kneffel, chairman of the board of the CISO Alliance, additionally confirmed to CSO that many firms haven’t but accomplished the required measures to be absolutely DORA compliant. “The most important hurdles proceed to be renegotiating current contracts with IT service suppliers and companions, in addition to creating and sustaining detailed data registers,” Kneffel explains.
