{"id":16606,"date":"2024-03-05T17:26:56","date_gmt":"2024-03-05T16:26:56","guid":{"rendered":"https:\/\/www.amendos.de\/uncategorized\/eu-regulation-dora-contents-and-implementation-tips\/"},"modified":"2025-12-01T15:33:56","modified_gmt":"2025-12-01T14:33:56","slug":"eu-regulation-dora-contents-and-implementation-tips","status":"publish","type":"post","link":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/","title":{"rendered":"EU Regulation DORA \u2013 Contents and implementation tips"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text css=&rdquo;&rdquo;]<strong>The EU Regulation DORA (Digital Operational Resilience Act) establishes a unified framework for the European financial sector to manage cybersecurity and ICT risks. Its goal is to strengthen the EU financial market by harmonizing requirements and standards in cybersecurity and ICT risk management, ensuring resilience and adaptability&mdash;operational resilience&mdash;of financial institutions during and after disruptions. Implementation is required by 2025, but how can this be achieved with manageable effort? This blog post provides an overview of DORA and offers practical tips for implementation.<\/strong><\/p>\n<h2>&nbsp;DORA Applies from Early 2025<\/h2>\n<p>The Digital Operational Resilience Act affects nearly all regulated institutions and companies in the European financial sector, including banks, insurance, and reinsurance firms. Companies must act now: the regulation came into force in January 2023 and will apply from January 17, 2025, after a two-year transition period.<\/p>\n<p>In January 2024, the European Supervisory Authorities (ESAs)* published the first final drafts of technical regulatory and implementation standards&mdash;a set of standards to ensure consistent regulation of operational processes.<\/p>\n<p>&nbsp;<\/p>\n<div id=\"attachment_17626\" style=\"width: 997px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-17626\" class=\" wp-image-17626\" src=\"http:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/DORA-300x103.png\" alt=\"\" width=\"987\" height=\"339\" srcset=\"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/DORA-300x103.png 300w, https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/DORA-1024x353.png 1024w, https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/DORA-768x264.png 768w, https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/DORA-1536x529.png 1536w, https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/DORA.png 1920w\" sizes=\"auto, (max-width: 987px) 100vw, 987px\"><p id=\"caption-attachment-17626\" class=\"wp-caption-text\">Figure 1 : EU Regulation DORA &ndash; Contents and implementation tips<\/p><\/div>\n<p>*= The European Supervisory Authorities (ESAs) include:<\/p>\n<p>EBA: European Banking Authority<\/p>\n<p>ESMA: European Securities and Markets Authority<\/p>\n<p>EIOPA: European Insurance and Occupational Pensions Authority<\/p>\n<h2>&nbsp;What DORA Regulates<\/h2>\n<p>The EU Regulation DORA aims to strengthen resilience against cyberattacks and digital security. It sets requirements for cybersecurity, business continuity, and crisis management to ensure processes remain available during cyberattacks or technical failures. It focuses on ICT risk management and aligns with national and international best practices.<\/p>\n<p>DORA covers six key areas:<\/p>\n<div>\n<div>\n<table>\n<thead>\n<tr>\n<th>Area<\/th>\n<th>Key Features<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>ICT Risk Management:<\/td>\n<td>\n<ul>\n<li>The control function is responsible for monitoring risks<\/li>\n<li>Identify technical risks and respond appropriately<\/li>\n<li>Mechanisms from prevention to coping<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>Reporting on ICT incidents and significant cyber threats:<\/td>\n<td>\n<ul>\n<li>Classification of incidents,<\/li>\n<li>Structured process for notifications \/ reporting requirements<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>Testing digital operational resilience and threat-led penetration testing (TLPT):<\/td>\n<td>\n<ul>\n<li>Stress tests,<\/li>\n<li>Robustness\/vulnerability tests<\/li>\n<li>Review of safety standards<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>ICT third-party risk management:<\/td>\n<td>Contract components, e.g., necessary components such as support from the service provider in the event of incidents<\/td>\n<\/tr>\n<tr>\n<td>European supervisory framework for critical third-party ICT service providers:<\/td>\n<td>Monitoring of critical IT service providers (critical, for example, in terms of the impact of operational disruptions on the entire financial market \/ number\n<p>of customers or many systemically important<\/p>\n<p>financial companies as customers)<\/p><\/td>\n<\/tr>\n<tr>\n<td>&ldquo;Information sharing&rdquo; and cyber crisis and emergency drills:<\/td>\n<td>Information exchange (at EU level) =&gt; Derive measures =&gt; Continuous improvement<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>&nbsp;<\/p>\n<div><\/div>\n<p>&nbsp;<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<h2>Incident Reporting Framework<\/h2>\n<p>With regard to the implementation of DORA, uniformly regulated reporting processes for incidents in European financial companies are an important aspect. Parallels to the reporting obligation can also be found, for example, in the NIS2 Directive. Incidents are first reported to the competent national authority and assessed with the involvement of the European supervisory authorities. If relevant, they are then forwarded to other member states and other authorities. Figure 2 shows an incident in the DORA reporting process with BaFin as the central element in interaction with BSI and European supervisory authorities:<\/p>\n<h3><\/h3>\n<p>&nbsp;<\/p>\n<h2>DORA regulatory and implementation standards<\/h2>\n<p>The above-mentioned drafts of technical regulatory and implementation standards (RTS and ITS) published by the ESAs are intended to support and facilitate implementation: The <strong>regulatory technical standards<\/strong> (RTS) contain detailed, specific rules and technical requirements, e.g. with regard to ICT risk management and security measures for IT systems, while the <strong>implementing technical standards<\/strong> (ITS) contain specific rules or procedures, e.g. instructions for conducting security tests or reporting security incidents.<br>\nThe European Commission reviews these drafts to ensure that they are in line with European laws and policy objectives. They will become the binding standard for the implementation of DORA. As these standards specify the requirements of DORA in concrete terms, they also enable a better assessment of the implementation costs for companies.<\/p>\n<div><\/div>\n<p>&nbsp;<\/p>\n<h2>Distinction from other regulatory requirements<\/h2>\n<p>DORA overlaps thematically with other current regulations and directives, such as the <strong>NIS2<\/strong> <strong>Guidline<\/strong>, which aims to strengthen the overall level of cybersecurity in the EU, and TIBER (Threat Intelligence-based Ethical Red Teaming), which aims to promote resilience against cyberattacks through preventive testing. If a company also falls under the NIS2 Directive, the following applies: If the DORA requirement is more specific, it takes precedence.<\/p>\n<p>For the banking sector, the European Banking Authority (EBA) published the <strong>EBA<\/strong> <strong>Guidelines on Outsourcing<\/strong> and <strong>Guidelines on ICT and Security Risk Management<\/strong> in 2019, defining risk management measures relating to information security and outsourcing requirements. However, these are recommendations or guidelines that only apply to the banking sector.<\/p>\n<p>The DORA Regulation basically includes the content of these requirements and guidelines. DORA focuses on the consistent standardization of known regulations and requirements in the context of operational stability and business continuity. Unlike the EBA guidelines, it affects not only the EU banking sector, but the entire EU financial sector.<\/p>\n<h3><\/h3>\n<p>&nbsp;<\/p>\n<h2>How does DORA integrate into German financial regulatory requirements?<\/h2>\n<p>&nbsp;<\/p>\n<div>\n<p>There are a number of regulations issued by the German regulatory authority BaFin, such as BAIT (Banking Supervisory Requirements for IT). BaFin is also responsible for implementing DORA at the national level, including monitoring and control. It also has another important role: it is the central reporting office for ICT incidents and the link in cooperation with other national supervisory authorities and the EBA. In doing so, it works together with the European supervisory authorities to ensure consistent enforcement across the EU.<\/p>\n<p>BaFin has also established requirements and practices in the German financial sector in the past that are now reflected in DORA:<\/p>\n<ul>\n<li>Harmonized requirements for ICT risk management<br>\ne.g., minimum requirements for risk management (MaRisk), IT requirements in BAIT, ZAIT, VAIT, KAIT<\/li>\n<li>Standardized reporting of outsourcing<br>\ni.e., uniform standards and procedures for reporting outsourcing to BaFin<\/li>\n<li>Monitoring of IT service providers with multiple clients<\/li>\n<li>Standardized structures for reporting ICT-related incidents<\/li>\n<\/ul>\n<p>Key elements are reflected in DORA. Therefore, the BaFIn requirements that have already been implemented provide a good basis for the implementation for the DORA regulation in companies.<\/p>\n<p>&nbsp;<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<h2>Recommendations for action and tips for implementation<\/h2>\n<p>&nbsp;<\/p>\n<ol>\n<li>Requirements\/processes\/methods that have already been implemented or established, e.g., from the EBA guidelines, provide a good basis for implementation for financial companies.<\/li>\n<li>Requirements for documentation and reporting obligations should be reviewed and processes adapted.<\/li>\n<li>Existing service provider contracts must be reviewed and, if necessary, adjusted, for example, with regard to the support to be provided by the service provider in the event of incidents. (Adjustments can be extremely time-consuming!)<\/li>\n<li>Existing tools for risk management\/documentation\/reporting can be used to provide support, e.g., tools for automatic detection and alerting of anomalies, or tools for encryption and management of cryptographic keys, or for implementing lifecycles for firewall rules to strengthen network security.<\/li>\n<li>New tools for documenting service provider contracts and information registers on service providers required for reporting obligations must be established.<\/li>\n<li>Findings or measures from the implementation of the Supply Chain Act can also be helpful for the risk assessment of service providers (despite the primary focus on social and environmental standards).<\/li>\n<li>Overall, specific requirements must be aligned with the (technical and organizational) standards already in place within the company, and processes must be adapted and adjusted accordingly.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h2>Conclusion<\/h2>\n<p>&nbsp;<\/p>\n<div>The DORA Regulation is a positive step toward harmonized requirements and processes in the European financial sector. The increasing cyber threats of recent years have shown that improved measures are necessary for companies&mdash;not only in the financial sector. Appropriate measures and processes are crucial for operational security in order to respond to current and future threats and risks at the IT level. In order to ensure security and business continuity in the face of growing risks, concrete standard requirements such as those in DORA are helpful and necessary (for uniform resilience and security across the EU).<\/div>\n<p>[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_column_text css=&#8221;&#8221;]The EU Regulation DORA (Digital Operational Resilience Act) establishes a unified framework for the European financial sector to manage cybersecurity and ICT risks. Its goal is to strengthen the EU financial market by harmonizing requirements and standards in cybersecurity and ICT risk management, ensuring resilience and adaptability\u2014operational resilience\u2014of financial institutions during and after disruptions.&hellip;<\/p>\n","protected":false},"author":11,"featured_media":14328,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[192,191,180],"tags":[178],"class_list":["post-16606","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-compliance","category-governance","category-outsourcing","tag-blog","category-192","category-191","category-180","description-off"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>DORA - Content and implementation tips - amendos gmbh<\/title>\n<meta name=\"description\" content=\"EU Regulation DORA: How can the requirements be implemented with manageable effort? Overview of DORA and basic tips\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"EU Regulation DORA \u2013 Contents and implementation tips\" \/>\n<meta property=\"og:description\" content=\"The EU Regulation DORA (Digital Operational Resilience Act) establishes a unified framework for the European financial sector to manage cybersecurity and\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/\" \/>\n<meta property=\"og:site_name\" content=\"amendos gmbh\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-05T16:26:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-01T14:33:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jan Stammer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jan Stammer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/\"},\"author\":{\"name\":\"Jan Stammer\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#\\\/schema\\\/person\\\/c3d68c2a994595a4912d489ba4aa52b9\"},\"headline\":\"EU Regulation DORA \u2013 Contents and implementation tips\",\"datePublished\":\"2024-03-05T16:26:56+00:00\",\"dateModified\":\"2025-12-01T14:33:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/\"},\"wordCount\":1310,\"publisher\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg\",\"keywords\":[\"Blog\"],\"articleSection\":[\"Compliance\",\"Governance\",\"Outsourcing\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/\",\"url\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/\",\"name\":\"DORA - Content and implementation tips - amendos gmbh\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg\",\"datePublished\":\"2024-03-05T16:26:56+00:00\",\"dateModified\":\"2025-12-01T14:33:56+00:00\",\"description\":\"EU Regulation DORA: How can the requirements be implemented with manageable effort? Overview of DORA and basic tips\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg\",\"contentUrl\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg\",\"width\":1920,\"height\":1280,\"caption\":\"digital work of Money Transfer or cryptocurrency concept\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/compliance\\\/eu-regulation-dora-contents-and-implementation-tips\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"EU Regulation DORA \u2013 Contents and implementation tips\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/\",\"name\":\"amendos gmbh\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#organization\",\"name\":\"amendos GmbH\",\"url\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/Logo-amendos.png\",\"contentUrl\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/Logo-amendos.png\",\"width\":353,\"height\":81,\"caption\":\"amendos GmbH\"},\"image\":{\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/amendos-gmbh\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/#\\\/schema\\\/person\\\/c3d68c2a994595a4912d489ba4aa52b9\",\"name\":\"Jan Stammer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/amendos-logo-152-150x150.png\",\"url\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/amendos-logo-152-150x150.png\",\"contentUrl\":\"https:\\\/\\\/www.amendos.de\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/amendos-logo-152-150x150.png\",\"caption\":\"Jan Stammer\"},\"url\":\"https:\\\/\\\/www.amendos.de\\\/en\\\/author\\\/jstammer\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"DORA - Content and implementation tips - amendos gmbh","description":"EU Regulation DORA: How can the requirements be implemented with manageable effort? Overview of DORA and basic tips","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/","og_locale":"en_US","og_type":"article","og_title":"EU Regulation DORA \u2013 Contents and implementation tips","og_description":"The EU Regulation DORA (Digital Operational Resilience Act) establishes a unified framework for the European financial sector to manage cybersecurity and","og_url":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/","og_site_name":"amendos gmbh","article_published_time":"2024-03-05T16:26:56+00:00","article_modified_time":"2025-12-01T14:33:56+00:00","og_image":[{"width":1920,"height":1280,"url":"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg","type":"image\/jpeg"}],"author":"Jan Stammer","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jan Stammer","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#article","isPartOf":{"@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/"},"author":{"name":"Jan Stammer","@id":"https:\/\/www.amendos.de\/en\/#\/schema\/person\/c3d68c2a994595a4912d489ba4aa52b9"},"headline":"EU Regulation DORA \u2013 Contents and implementation tips","datePublished":"2024-03-05T16:26:56+00:00","dateModified":"2025-12-01T14:33:56+00:00","mainEntityOfPage":{"@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/"},"wordCount":1310,"publisher":{"@id":"https:\/\/www.amendos.de\/en\/#organization"},"image":{"@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#primaryimage"},"thumbnailUrl":"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg","keywords":["Blog"],"articleSection":["Compliance","Governance","Outsourcing"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/","url":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/","name":"DORA - Content and implementation tips - amendos gmbh","isPartOf":{"@id":"https:\/\/www.amendos.de\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#primaryimage"},"image":{"@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#primaryimage"},"thumbnailUrl":"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg","datePublished":"2024-03-05T16:26:56+00:00","dateModified":"2025-12-01T14:33:56+00:00","description":"EU Regulation DORA: How can the requirements be implemented with manageable effort? Overview of DORA and basic tips","breadcrumb":{"@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#primaryimage","url":"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg","contentUrl":"https:\/\/www.amendos.de\/wp-content\/uploads\/2024\/03\/EU-Verordnung-DORA-Inhalte-und-Umsetzung.jpg","width":1920,"height":1280,"caption":"digital work of Money Transfer or cryptocurrency concept"},{"@type":"BreadcrumbList","@id":"https:\/\/www.amendos.de\/en\/compliance\/eu-regulation-dora-contents-and-implementation-tips\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.amendos.de\/en\/"},{"@type":"ListItem","position":2,"name":"EU Regulation DORA \u2013 Contents and implementation tips"}]},{"@type":"WebSite","@id":"https:\/\/www.amendos.de\/en\/#website","url":"https:\/\/www.amendos.de\/en\/","name":"amendos gmbh","description":"","publisher":{"@id":"https:\/\/www.amendos.de\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.amendos.de\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.amendos.de\/en\/#organization","name":"amendos GmbH","url":"https:\/\/www.amendos.de\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amendos.de\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.amendos.de\/wp-content\/uploads\/2020\/03\/Logo-amendos.png","contentUrl":"https:\/\/www.amendos.de\/wp-content\/uploads\/2020\/03\/Logo-amendos.png","width":353,"height":81,"caption":"amendos GmbH"},"image":{"@id":"https:\/\/www.amendos.de\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/amendos-gmbh\/"]},{"@type":"Person","@id":"https:\/\/www.amendos.de\/en\/#\/schema\/person\/c3d68c2a994595a4912d489ba4aa52b9","name":"Jan Stammer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amendos.de\/wp-content\/uploads\/2020\/04\/amendos-logo-152-150x150.png","url":"https:\/\/www.amendos.de\/wp-content\/uploads\/2020\/04\/amendos-logo-152-150x150.png","contentUrl":"https:\/\/www.amendos.de\/wp-content\/uploads\/2020\/04\/amendos-logo-152-150x150.png","caption":"Jan Stammer"},"url":"https:\/\/www.amendos.de\/en\/author\/jstammer\/"}]}},"_links":{"self":[{"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/posts\/16606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/comments?post=16606"}],"version-history":[{"count":0,"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/posts\/16606\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/media\/14328"}],"wp:attachment":[{"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/media?parent=16606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/categories?post=16606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.amendos.de\/en\/wp-json\/wp\/v2\/tags?post=16606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}