DORA is very specific about the role of directors ("management body"), in the field of ICT Risk Management. We provide external customized trainings, as a separate module, or integrated in a permanent education day for your organization.
The board of a financial institution has the ultimate responsibility for ICT risk management. This principle naturally applies to most functions of an institution. However, DORA makes the responsibilities for ICT risk management very concrete. The importance of the subject is also evident from the fact that supervisors AFM and DNB include knowledge of ICT Risk and digital resilience in the personal assessment of new directors.
DNB: "A candidate may be asked about his or her knowledge of DORA, ICT risk management and the digital resilience of the institution"
DORA is explicit about the required knowledge and skills of directors (management body). Some examples:
Actively keeping up to date
Members of management bodies actively keep their knowledge and skills up to date, with the aim of understanding and being able to assess ICT risks. This includes periodically following training courses.
Strategic role management body
Directors are responsible for determining the Digital Operational Resiliency Strategy, Business Continuity approach, ICT risk policy and management and the approach to awareness training in the organization.
Periodic reviews and reporting
The management body reviews policy and the ICT Risk management framework on an annual basis and is kept informed of important developments, including major incidents and findings from digital operational resiliency testing.
3rd party ICT providers
In addition to the policy, directors are expected to be sufficiently aware of contracts with ICT suppliers, changes therein and the impact thereof on critical and important functions.
ICT Risk management and cyber security for directors, the required basis to assess ICT risks for your organization.
Periodic training
Fulfill the obligation for directors to actively keep knowledge and skills up to date through training. With our financial sector expertise, we can provide basic training and zoom in on important themes.
Responsibility of the entire board
The obligations do not only apply to the director with IT in his/her portfolio. Every member of the board must acquire and maintain the knowledge and skills.
Make your organization digitally resilient
You don't have to become a cyber security expert yourself. However, the involvement of the board is essential to make your organization resilient. Learn to ask the right questions to your IT organization and suppliers.
Customized training
We organize a customized training for your entire board. For example as part of a permanent education day, or separately at a location provided by us.
Experienced trainers at board level
Our trainers have years of experience in cyber security and resilience; at senior management and board level.
Learning objectives
The goal of our DORA Boardroom training
Receive the knowledge and tools to take ownership of the digital resilience of your organization.
.png)
