NCC Group, DORA Compliance Services Review
4.2 out of 5
Cybersecurity specialistNCC Group is a cybersecurity specialist offering threat-led penetration testing, security assurance, and resilience services directly relevant to DORA's digital operational-resilience testing pillar. It is a recognised provider of TLPT-style engagements for financial institutions.
Overview
| Founded | 1999 |
|---|---|
| Headquarters | Manchester, United Kingdom |
| Team size | Large |
| Pricing band | Premium |
| DORA Auditor score | 70/100 |
| Website | www.nccgroup.com |
DORA services
- Penetration testing
- Resilience testing
- ICT security testing
- Incident response planning
Who they serve
BanksInvestment firmsPayment institutionsFintech startups
Strengths
- Specialist depth in penetration testing and threat-led resilience testing
- Established credentials (e.g. CREST) recognised for regulatory-grade testing
- Focused expertise directly mapped to DORA Articles 24-27
Limitations
- Testing-focused, does not provide full DORA governance or audit advisory
- Less suited as a single vendor for end-to-end DORA compliance programmes
Compare NCC Group
Frequently asked questions
Does NCC Group offer DORA gap assessments?
NCC Group focuses on penetration testing and resilience testing; confirm gap-assessment scope directly.
What entity types does NCC Group serve for DORA?
NCC Group works with banks, investment firms, payment institutions, fintech startups.
How much does a DORA engagement with NCC Group cost?
Pricing is premium-tier and typically scoped per engagement. Contact NCC Group for a quote.
Sources
Provider data is compiled from public sources and reviewed against our methodology. Last verified 2026-07-10.
