The Digital Operational Resilience Act (DORA)

DORA is the European Union’s initiative to increase resilience against cyber attacks and Information and Communications Technology (ICT) related disruptions to financial entities across Europe and of their ICT and Cloud providers. The European Parliament and Council of Ministers published the finalised DORA text in June 2022. The act entered into force on the 16th January 2023, after its publication in the Official Journal of the EU, and became fully enforceable on 17 January 2025.

Click here to find out how FTI Consulting supports organisations with DORA compliance:

Want to speak with one of our experts? Click here to get in touch

FTI Consulting’s DORA ESSENTIALS offers a pragmatic, proportional, and risk-based approach to kickstart your compliance journey. Our starter kit focuses on immediate actions, including:

☑️ Developing your DORA Strategy
☑️ Preparing the IT Contracts Register (due by April)
☑️ Conducting entity-level risk assessments
☑️ Planning operational resilience testing

With tailored solutions based on your size and cybersecurity maturity, FTI Consulting is here to help.

Case Studies

DORA Implementation for Global Insurance Company

FTI Cybersecurity was retained to help a global insurance company prepare for the imminent implementation of the EU Digital Operational Resilience Act (DORA).

Cybersecurity Assessment and Resilience Plan for a Multinational Corporation

We were retained to provide an independent cybersecurity assessment and resilience plan with respect to the client’s current cybersecurity maturity.

Government Mandates Cybersecurity Regulations for Virtual Asset Firm

After the client was mandated by the Hong Kong government to have a business continuity plan and an incident response plan due to regulatory responsibilities, FTI Cybersecurity was hired to assist with this initiative.​