{"id":7655,"date":"2024-08-28T13:05:48","date_gmt":"2024-08-28T13:05:48","guid":{"rendered":"https:\/\/www.eciia.eu\/?p=7655"},"modified":"2024-09-02T10:46:18","modified_gmt":"2024-09-02T10:46:18","slug":"dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline","status":"publish","type":"post","link":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/","title":{"rendered":"DORA 2024 &#8211; Internal Audit&#8217;s Role and Strategies Ahead of Compliance Deadline"},"content":{"rendered":"\n<p>The newest edition of the ECIIA paper, <em><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-primary-2-color\">DORA: Impact of the Digital Operational Resilience Act (DORA) on the Internal Audit Function<\/mark><\/em>, has been published, offering valuable insights for the insurance industry. With the January 17, 2025, compliance deadline approaching, this paper outlines key strategies and actions to help internal audit teams ensure readiness.<\/p>\n\n\n\n<p>The Digital Operational Resilience Act (DORA) represents the European Union\u2019s strategic approach to managing systemic risk within the financial system. It aims to enhance cybersecurity and operational resilience across the financial services sector, becoming mandatory in 2025.<\/p>\n\n\n\n<p>Key findings from a survey of 70 insurance industry respondents show that many companies are still in the early or moderate stages of implementing DORA. The paper outlines essential actions for internal audit teams, such as regular audits of ICT risk management frameworks, reviews of ICT response and recovery plans, and assessments of ICT third-party service providers. It also emphasizes the importance of internal auditors documenting Threat-led Penetration Tests (TLPT) and ensuring that contracts with ICT third-party providers adhere to all key provisions.<\/p>\n\n\n\n<p>By focusing on these practical recommendations, the paper serves as a vital resource for internal audit professionals aiming to enhance their digital resilience and comply with DORA requirements.<\/p>\n\n\n\n<p>View the press release <a href=\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-2024-Press-Release.pdf\">here<\/a>.<\/p>\n\n\n\n<p>Access the full paper below:<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-16018d1d wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-2024-Paper.pdf\">DORA 2024<\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>The newest edition of the ECIIA paper, DORA: Impact of the Digital Operational Resilience Act (DORA) on the Internal Audit Function, has been published, offering valuable insights for the insurance industry. With the January 17, 2025, compliance deadline approaching, this paper outlines key strategies and actions to help internal audit teams ensure readiness. The Digital [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":7657,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,5],"tags":[],"class_list":["post-7655","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-insurance-committee","category-publications"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>DORA 2024 - Internal Audit&#039;s Role and Strategies Ahead of Compliance Deadline | ECIIA<\/title>\n<meta name=\"description\" content=\"ECIIA intends to be the consolidated voice for the profession of internal auditing in Europe and to promote the role of internal audit and good corporate governance by dealing with the European Union, its Parliament and Commission and any other European regulators and associations representing key stakeholders. It has a non-profit making purpose.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DORA 2024 - Internal Audit&#039;s Role and Strategies Ahead of Compliance Deadline | ECIIA\" \/>\n<meta property=\"og:description\" content=\"ECIIA intends to be the consolidated voice for the profession of internal auditing in Europe and to promote the role of internal audit and good corporate governance by dealing with the European Union, its Parliament and Commission and any other European regulators and associations representing key stakeholders. It has a non-profit making purpose.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\" \/>\n<meta property=\"og:site_name\" content=\"ECIIA\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-28T13:05:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-02T10:46:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png\" \/>\n\t<meta property=\"og:image:width\" content=\"608\" \/>\n\t<meta property=\"og:image:height\" content=\"857\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"eciiamaster\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@EciiaInfo\" \/>\n<meta name=\"twitter:site\" content=\"@EciiaInfo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"eciiamaster\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\"},\"author\":{\"name\":\"eciiamaster\",\"@id\":\"https:\/\/www.eciia.eu\/#\/schema\/person\/594b08eed7db7e55260f95a7a9031dff\"},\"headline\":\"DORA 2024 &#8211; Internal Audit&#8217;s Role and Strategies Ahead of Compliance Deadline\",\"datePublished\":\"2024-08-28T13:05:48+00:00\",\"dateModified\":\"2024-09-02T10:46:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\"},\"wordCount\":220,\"publisher\":{\"@id\":\"https:\/\/www.eciia.eu\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png\",\"articleSection\":[\"Insurance Committee\",\"Publications\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\",\"url\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\",\"name\":\"DORA 2024 - Internal Audit's Role and Strategies Ahead of Compliance Deadline | ECIIA\",\"isPartOf\":{\"@id\":\"https:\/\/www.eciia.eu\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png\",\"datePublished\":\"2024-08-28T13:05:48+00:00\",\"dateModified\":\"2024-09-02T10:46:18+00:00\",\"description\":\"ECIIA intends to be the consolidated voice for the profession of internal auditing in Europe and to promote the role of internal audit and good corporate governance by dealing with the European Union, its Parliament and Commission and any other European regulators and associations representing key stakeholders. It has a non-profit making purpose.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage\",\"url\":\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png\",\"contentUrl\":\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png\",\"width\":608,\"height\":857},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.eciia.eu\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DORA 2024 &#8211; Internal Audit&#8217;s Role and Strategies Ahead of Compliance Deadline\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.eciia.eu\/#website\",\"url\":\"https:\/\/www.eciia.eu\/\",\"name\":\"ECIIA\",\"description\":\"European Confederation of Institutes of Internal Auditing\",\"publisher\":{\"@id\":\"https:\/\/www.eciia.eu\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.eciia.eu\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.eciia.eu\/#organization\",\"name\":\"ECIIA\",\"url\":\"https:\/\/www.eciia.eu\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.eciia.eu\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2023\/03\/FAVICON.png\",\"contentUrl\":\"https:\/\/www.eciia.eu\/wp-content\/uploads\/2023\/03\/FAVICON.png\",\"width\":511,\"height\":510,\"caption\":\"ECIIA\"},\"image\":{\"@id\":\"https:\/\/www.eciia.eu\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/EciiaInfo\",\"https:\/\/www.linkedin.com\/company\/eciia-european-confederation-of-institutes-of-internal-auditing\/about\/?viewAsMember=true\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.eciia.eu\/#\/schema\/person\/594b08eed7db7e55260f95a7a9031dff\",\"name\":\"eciiamaster\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.eciia.eu\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/263df229ba46ad86b3b78c69fef8872fcc9b8987d94c920f6f82241a55e33397?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/263df229ba46ad86b3b78c69fef8872fcc9b8987d94c920f6f82241a55e33397?s=96&d=mm&r=g\",\"caption\":\"eciiamaster\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DORA 2024 - Internal Audit's Role and Strategies Ahead of Compliance Deadline | ECIIA","description":"ECIIA intends to be the consolidated voice for the profession of internal auditing in Europe and to promote the role of internal audit and good corporate governance by dealing with the European Union, its Parliament and Commission and any other European regulators and associations representing key stakeholders. It has a non-profit making purpose.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/","og_locale":"en_US","og_type":"article","og_title":"DORA 2024 - Internal Audit's Role and Strategies Ahead of Compliance Deadline | ECIIA","og_description":"ECIIA intends to be the consolidated voice for the profession of internal auditing in Europe and to promote the role of internal audit and good corporate governance by dealing with the European Union, its Parliament and Commission and any other European regulators and associations representing key stakeholders. It has a non-profit making purpose.","og_url":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/","og_site_name":"ECIIA","article_published_time":"2024-08-28T13:05:48+00:00","article_modified_time":"2024-09-02T10:46:18+00:00","og_image":[{"width":608,"height":857,"url":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png","type":"image\/png"}],"author":"eciiamaster","twitter_card":"summary_large_image","twitter_creator":"@EciiaInfo","twitter_site":"@EciiaInfo","twitter_misc":{"Written by":"eciiamaster","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#article","isPartOf":{"@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/"},"author":{"name":"eciiamaster","@id":"https:\/\/www.eciia.eu\/#\/schema\/person\/594b08eed7db7e55260f95a7a9031dff"},"headline":"DORA 2024 &#8211; Internal Audit&#8217;s Role and Strategies Ahead of Compliance Deadline","datePublished":"2024-08-28T13:05:48+00:00","dateModified":"2024-09-02T10:46:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/"},"wordCount":220,"publisher":{"@id":"https:\/\/www.eciia.eu\/#organization"},"image":{"@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png","articleSection":["Insurance Committee","Publications"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/","url":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/","name":"DORA 2024 - Internal Audit's Role and Strategies Ahead of Compliance Deadline | ECIIA","isPartOf":{"@id":"https:\/\/www.eciia.eu\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage"},"image":{"@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png","datePublished":"2024-08-28T13:05:48+00:00","dateModified":"2024-09-02T10:46:18+00:00","description":"ECIIA intends to be the consolidated voice for the profession of internal auditing in Europe and to promote the role of internal audit and good corporate governance by dealing with the European Union, its Parliament and Commission and any other European regulators and associations representing key stakeholders. It has a non-profit making purpose.","breadcrumb":{"@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#primaryimage","url":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png","contentUrl":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2024\/08\/DORA-Paper-front-page.png","width":608,"height":857},{"@type":"BreadcrumbList","@id":"https:\/\/www.eciia.eu\/2024\/08\/dora-2024-internal-audits-role-and-strategies-ahead-of-compliance-deadline\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.eciia.eu\/"},{"@type":"ListItem","position":2,"name":"DORA 2024 &#8211; Internal Audit&#8217;s Role and Strategies Ahead of Compliance Deadline"}]},{"@type":"WebSite","@id":"https:\/\/www.eciia.eu\/#website","url":"https:\/\/www.eciia.eu\/","name":"ECIIA","description":"European Confederation of Institutes of Internal Auditing","publisher":{"@id":"https:\/\/www.eciia.eu\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.eciia.eu\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.eciia.eu\/#organization","name":"ECIIA","url":"https:\/\/www.eciia.eu\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eciia.eu\/#\/schema\/logo\/image\/","url":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2023\/03\/FAVICON.png","contentUrl":"https:\/\/www.eciia.eu\/wp-content\/uploads\/2023\/03\/FAVICON.png","width":511,"height":510,"caption":"ECIIA"},"image":{"@id":"https:\/\/www.eciia.eu\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/EciiaInfo","https:\/\/www.linkedin.com\/company\/eciia-european-confederation-of-institutes-of-internal-auditing\/about\/?viewAsMember=true"]},{"@type":"Person","@id":"https:\/\/www.eciia.eu\/#\/schema\/person\/594b08eed7db7e55260f95a7a9031dff","name":"eciiamaster","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eciia.eu\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/263df229ba46ad86b3b78c69fef8872fcc9b8987d94c920f6f82241a55e33397?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/263df229ba46ad86b3b78c69fef8872fcc9b8987d94c920f6f82241a55e33397?s=96&d=mm&r=g","caption":"eciiamaster"}}]}},"_links":{"self":[{"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/posts\/7655","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/comments?post=7655"}],"version-history":[{"count":3,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/posts\/7655\/revisions"}],"predecessor-version":[{"id":7673,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/posts\/7655\/revisions\/7673"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/media\/7657"}],"wp:attachment":[{"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/media?parent=7655"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/categories?post=7655"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.eciia.eu\/wp-json\/wp\/v2\/tags?post=7655"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}