Skip to main content
DORA Auditor

Digital Operational Resilience

Last updated: 1 authoritative sourceDORA Auditor Editorial Team

Digital operational resilience is a financial entity's ability to build, assure, and review its operational integrity and reliability by withstanding, responding to, and recovering from ICT-related disruptions. It is the central objective of DORA and the outcome all five pillars work toward.

Detailed explanation

The concept reframes ICT security from pure prevention toward the assumption that disruptions will occur, and that what matters is the entity's capacity to keep critical functions running and recover quickly. DORA operationalises this through governance and risk management, incident detection and reporting, regular resilience testing, disciplined third-party risk management, and voluntary threat-intelligence sharing. Achieving it is a board-level responsibility, not solely a technical one, and it must be demonstrable to supervisors through documentation, testing evidence, and reporting.

In context

This term relates to the ICT Risk Management pillar and is grounded in DORA Article 1.

Related terms

Sources

  1. DORA Article 1, EUR-Lex