![Ivan Spiteri Director](/getmedia/a8ae0fe6-e22f-41a4-b5f8-00168467b27c/Ivan-Spiteri-280x280px.png?width=280&height=280&ext=.png)
Ivan Spiteri
BDO Malta recommends adopting a phased approach whereby in-scope entities chart a DORA Compliance Program with the aim of achieving compliance by the end of the transition period. Failure to achieve compliance may lead to severe fines from January 2025 onward. We can help you with DORA compliance by providing expert guidance on the Regulation, conducting IT risk assessments and gap analyses, developing and implementing incident management and business continuity plans, and providing ongoing support and monitoring.
We can also assist with cyber implementation and assurance services to ensure that the infrastructure is secure and resilient against potential threats. This includes penetration testing, vulnerability assessments, and incident response planning. Additionally, we can provide training to employees to help them understand and comply with DORA requirements.
We recommend the following action points:
- Commence scenario planning for a large-scale penetration test.
- Consolidate the Register of Information for all ICT third-party providers.
- Conduct regular risk assessments to identify potential threats and vulnerabilities.
- Develop and implement incident management and business continuity plans to ensure that the organisation can respond effectively to a major incident.
- Establish robust governance and oversight to ensure that DORA requirements are met and that the organisation's digital infrastructure is secure and resilient.
- Regularly test the incident management and business continuity plans.
Want to know more?
Our Technology Team can help you with DORA compliance by providing expert guidance on the Regulation.