SureCloud, DORA Compliance Services Review
3.8 out of 5
GRC / resilienceSureCloud offers GRC software alongside cybersecurity and risk-advisory services. Its combined platform-and-services model supports DORA programmes across ICT risk management, third-party risk, and the register of information, with penetration testing available for resilience testing.
Overview
| Founded | 2006 |
|---|---|
| Headquarters | Reading, United Kingdom |
| Team size | Mid-size |
| Pricing band | Mid |
| DORA Auditor score | 56/100 |
| Website | www.surecloud.com |
DORA services
- GRC platform
- Third-party risk management
- ICT risk management
- Penetration testing
- Cyber & risk advisory
Who they serve
BanksInsurance companiesInvestment firmsPayment institutions
Strengths
- Combined GRC tooling and hands-on advisory in a single provider
- In-house penetration testing supports the resilience-testing pillar
- Accessible pricing for mid-sized financial entities
Limitations
- Smaller scale than enterprise GRC vendors or the Big Four
- UK-headquartered; primary strength is the UK and Northern-European market
Compare SureCloud
Frequently asked questions
Does SureCloud offer DORA gap assessments?
SureCloud focuses on grc platform and third-party risk management; confirm gap-assessment scope directly.
What entity types does SureCloud serve for DORA?
SureCloud works with banks, insurance companies, investment firms, payment institutions.
How much does a DORA engagement with SureCloud cost?
Pricing is mid-tier and typically scoped per engagement. Contact SureCloud for a quote.
Sources
Provider data is compiled from public sources and reviewed against our methodology. Last verified 2026-07-10.