DORA
Digital Operational Resilience Act (EU Reg. 2022/2554)
EU regulation applicable from 17/01/2025 to financial entities (banks, insurance, payment, crypto, fund management) and their critical ICT suppliers. Also affects OT operators providing services to these entities or running data centres / technology infrastructure supporting them.
- 01Integrated and documented ICT risk management framework
- 02Incident reporting to competent authorities
- 03Digital operational resilience testing (including threat-led penetration testing)
- 04Third-party ICT risk management (TPRM)
- 05Information sharing on cyber threat intelligence
For financial entities with technology infrastructure and data centres, and for ICT suppliers operating across mixed IT/OT environments, MON5 provides continuous network monitoring, asset inventory and anomaly detection - feeding the ICT risk management framework and the incident reporting required by DORA.
- →Continuous monitoring for ICT risk management
- →Asset inventory for TPRM on supplied systems
- →Event detection supporting incident reporting
- →Technical evidence for resilience testing
- →Audit trail reusable for supervisory authorities
Let's figure out what you really need.
Show us the OT perimeter and the regulations you need to cover: we will tell you what MON5 documents directly, where complementary work is needed, and which tier to start from - no hard selling.