You must be logged in to take this course  →   |

DORA Foundations Course

ENROLL FOR FREE

Course Curriculum

Introduction
Introduction to DORA Foundations Course 04:00:00
Module 1 - Introduction to DORA
Introduction to the Module 1 & suggested reading 00:00:00
What is DORA? 00:00:00
Who needs to comply with DORA 02:30:00
Which IT providers need to comply with DORA and how 00:00:00
What are DORA-related regulations RTS, CDR, and CIR 00:00:00
What are the main requirements specified in DORA 00:00:00
DORA implementation steps 01:30:00
Writing DORA documentation [CDR 2024/1774 Article 2] 03:30:00
Organizing training and awareness [DORA Articles 5, 13, 16, and 30] 02:30:00
Penalties and fines [DORA Articles 50, 51, and 54] 00:00:00
Related documentation 00:00:00
Certification FAQs 00:00:00
Recap quiz 00:00:00
Module 2 - Key concepts in governance and ICT risk management
Introduction to the Module 2 00:00:00
Governance responsibilities for senior management [DORA Article 5] 00:00:00
Key elements of ICT risk management framework [DORA Article 6; CDR 2024/1774 Article 3] 00:00:00
Developing top-level information security policy [DORA Article 9; CDR 2024/1774 Article 29] 00:00:00
How to write Digital operational resilience strategy [DORA Article 6] 00:00:00
Identifying ICT-supported business functions and assets [DORA Article 8; CDR 2024/1774 Article 4] 00:00:00
Performing risk assessment [DORA Article 8; CDR 2024/1774 Articles 3 and 5] 00:00:00
Learning and evolving [DORA Article 13] 00:00:00
Measurement, monitoring, and controlling the ICT systems [DORA Articles 9 and 13; CDR 2024/1774 Articles 2 and 31] 00:00:00
Internal audit of ICT risk management framework [DORA Article 6] 00:00:00
Follow-up and corrective actions [DORA Articles 6, 13, and 17] 00:00:00
Report on the review of ICT risk management framework [DORA Article 6; CDR 2024/1774 Article 27] 00:00:00
Main elements of simplified ICT risk management framework [DORA Article 16; CDR 2024/1774 Articles 28 to 41] 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 3 - Cybersecurity measures
Introduction to the Module 3 00:00:00
Policies and procedures for ICT operations security [DORA Article 9; CDR 2024/1774 Article 8] 00:00:00
Capacity and performance management [DORA Articles 7 and 9; CDR 2024/1774 Article 9] 00:00:00
Data and system security [DORA Article 9; CDR 2024/1774 Article 11] 00:00:00
Network security management [DORA Article 9; CDR 2024/1774 Article 13] 00:00:00
Securing information in transit [CDR 2024/1774 Article 14] 00:00:00
Encryption and cryptography [DORA Article 9; CDR 2024/1774 Articles 6 and 7] 00:00:00
Human resources policy [DORA Articles 5 and 13, CDR 2024/1774 Article 19] 00:00:00
Identity management and authentication [DORA Article 9; CDR 2024/1774 Article 20] 00:00:00
Access control [DORA Article 9; CDR 2024/1774 Article 21] 00:00:00
Physical and environmental security [CDR 2024/1774 Article 18] 00:00:00
ICT systems acquisition, development, and maintenance [CDR 2024/1774 Article 16] 00:00:00
ICT project management [CDR 2024/1774 Article 15] 00:00:00
ICT change management [DORA Article 9; CDR 2024/1774 Article 17] 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 4 - Anomalous activities, vulnerabilities, and incident management
Introduction to the Module 4 00:00:00
Logging [CDR 2024/1774 Article 12] 00:00:00
Detecting anomalous activities [DORA Article 10; CDR 2024/1774 Article 23] 00:00:00
Vulnerabilities, patch management, and updates [DORA Article 9; CDR 2024/1774 Article 10] 00:00:00
Incident management process [DORA Article 17; CDR 2024/1774 Article 22] 00:00:00
Classification of ICT incidents and threats [DORA Article 18; CDR 2024/1772 Articles 1 to 10] 00:00:00
Reporting major incidents and cyber threats [DORA Article 19] 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 5 - Business continuity and resilience testing
Introduction to the Module 5 00:00:00
ICT business continuity policy [DORA Article 11; CDR 2024/1774 Article 24] 00:00:00
Business impact analysis, RTO, and RPO [DORA Articles 11 and 12; CDR 2024/1774 Article 24] 00:00:00
Backup and restoration of data [DORA Article 12] 00:00:00
Secondary processing site [DORA Article 12; CDR 2024/1774 Article 24] 00:00:00
ICT response and recovery plans [DORA Article 11; CDR 2024/1774 Article 26] 00:00:00
Testing business continuity and recovery plans [DORA Article 11; CDR 2024/1774 Article 25] 00:00:00
Crisis management and communication [DORA Articles 11 and 14] 00:00:00
Main elements of digital operational resilience testing [DORA Article 24] 00:00:00
Resilience testing of ICT tools and systems [DORA Article 25] 00:00:00
Threat-led Penetration Testing TLPT [DORA Articles 26 and 27] 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 6 - Managing ICT third-party risk
Introduction to the Module 6 00:00:00
Key elements ICT third-party risk management [DORA Article 28; CDR 2024/1773 articles 1 to 4] 00:00:00
Selecting critical ICT service providers [DORA Article 31; CDR 2024/1502 Articles 1 to 6] 00:00:00
Risk assessment of ICT service providers [DORA Article 29; CDR 2024/1773 articles 5, 6, and 7] 00:00:00
Contracts with ICT service providers [DORA Article 30; CDR 2024/1773 Article 8] 00:00:00
Register of information [DORA Article 28; CIR 2024/2956] 00:00:00
Monitoring, inspection, and audit of ICT service providers [DORA Articles 28 and 30; CDR 2024/1773 Article 9] 00:00:00
Exit strategies for ICT services [DORA Article 28; CDR 2024/1773 Article 10] 00:00:00
Government oversight of critical ICT service providers [DORA Articles 33 to 43] 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Instructions for taking the exam
Instructions for taking the exam and obtaining the certificate 00:00:00
ENROLL FOR FREE
  • Access the course for free
  • UNLIMITED ACCESS
  • 6 MODULES
  • COURSE DURATION: 8 hours
Purchase Exam
Price: 449 EUR

    Course Reviews