[et_pb_section fb_built=\"1\" _builder_version=\"4.16\" _module_preset=\"default\" custom_padding=\"0px||0px||true|false\" locked=\"off\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_row _builder_version=\"4.16\" _module_preset=\"default\" width=\"100%\" custom_padding=\"0px||||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" text_text_color=\"#FFFFFF\" text_font_size=\"30px\" text_line_height=\"1.2em\" header_font=\"Roboto||||||||\" header_text_color=\"#F07F1D\" header_font_size=\"50px\" background_color=\"RGBA(0,0,0,0)\" background_image=\"https:\/\/www.usd.de\/wp-content\/uploads\/usd-ag-header-finanzwesen-bait-harmonisierung.jpg\" background_blend=\"multiply\" custom_margin=\"-25px||0px||false|false\" custom_padding=\"95px||60px||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n
Harmonization with DORA - We Accompany You<\/span><\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=\"1_2,1_2\" _builder_version=\"4.16\" _module_preset=\"default\" custom_padding=\"10px|||||\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"1_2\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_image src=\"https:\/\/www.usd.de\/wp-content\/uploads\/usd-pci-security-consulting-dora-bild-1.jpg\" alt=\"Harmonisierung mit BAIT\" title_text=\"usd-pci-security-consulting-dora-bild (1)\" _builder_version=\"4.27.4\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][\/et_pb_image][\/et_pb_column][et_pb_column type=\"1_2\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" background_color=\"RGBA(0,0,0,0)\" custom_margin=\"0px|0px|0px|0px|true|true\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n Since 17 January 2025, almost all supervised institutions and companies in the European financial sector have been subject to the Digital Operational Resilience Act<\/a> (DORA). This aims to improve and harmonize the IT security and operational resilience of banks and financial institutions across Europe.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.16\" _module_preset=\"default\" custom_padding=\"12px||0px|||\" locked=\"off\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" background_color=\"RGBA(0,0,0,0)\" custom_margin=\"0px|0px|0px|0px|true|true\" custom_padding=\"||40px|||\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n In Germany, institutions were previously regulated by BaFin's IT requirements. Many of the processes and measures required there can now be found in the DORA Regulation. In order to avoid double regulation, BaFin repealed the supervisory requirements for IT in e-money institutions (ZAIT<\/strong>), insurance undertakings (VAIT<\/strong>), and German asset managers (KAIT<\/strong>) in January of 2025. The affected institutions will be fully regulated by DORA in future. The scope of application of supervisory requirements for IT in financial institutions (BAIT<\/strong>) was initially adjusted. However, the circular will also be repealed in its entirety upon 31 December 2026.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.27.4\" _module_preset=\"default\" theme_builder_area=\"post_content\"][et_pb_column _builder_version=\"4.27.4\" _module_preset=\"default\" type=\"4_4\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" custom_padding=\"9px|||||\" hover_enabled=\"0\" global_colors_info=\"{}\" theme_builder_area=\"post_content\" sticky_enabled=\"0\"]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" theme_builder_area=\"post_content\" hover_enabled=\"0\" sticky_enabled=\"0\"]<\/p>\n Harmonization with DORA<\/a> requires a detailed implementation project at your institution. Before you start, we recommend that you consider which other security standards have already been implemented in your company and which national regulations place requirements on your company. In most cases, implemented systems and processes for compliance with ISO 27001<\/a> or the BaFin's IT requirements (BAIT, KAIT, VAIT, ZAIT) can be used as a good basis. A gap analysis is a good first step to create clarity.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=\"1_4,3_4\" _builder_version=\"4.27.4\" _module_preset=\"default\" custom_padding=\"0px||15px|||\" hover_enabled=\"0\" global_colors_info=\"{}\" theme_builder_area=\"post_content\" sticky_enabled=\"0\" custom_margin=\"||||false|false\"][et_pb_column type=\"1_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_image src=\"https:\/\/www.usd.de\/wp-content\/uploads\/\/finanzwesen-bait-harmonisierung-b.svg\" alt=\"PCI Zertifizierungsprozess Kick-off\" title_text=\"finanzwesen-bait-harmonisierung-b\" align=\"center\" _builder_version=\"4.27.4\" _module_preset=\"default\" background_color=\"RGBA(0,0,0,0)\" width=\"60%\" width_tablet=\"20%\" width_phone=\"30%\" width_last_edited=\"on|tablet\" custom_margin=\"20px||||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][\/et_pb_image][\/et_pb_column][et_pb_column type=\"3_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" custom_margin=\"0px||0px||false|false\" custom_padding=\"15px|||||\" hover_enabled=\"0\" global_colors_info=\"{}\" theme_builder_area=\"post_content\" sticky_enabled=\"0\"]<\/p>\n As the requirements have a significant impact on institutions, a mere document review is not sufficient to determine the implementation status of the DORA requirements. We therefore recommend a combination of:<\/p>\n The result of the gap analysis<\/strong> is a good picture of the expected effort. It provides implementation options that can be used to set the direction for implementation at the highest management level (action plan<\/strong>).<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.27.4\" _module_preset=\"default\" custom_margin=\"-26px||||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.27.4\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n After completing the gap analysis, we work with you on harmonization projects that are tailored to your institution. In these projects, we specifically address the focal points identified in the gap analysis and work closely with you to implement the guidelines.\u00a0<\/p>\nHarmonization with DORA: How Do We Proceed?<\/h2>\n
Gap Analysis<\/h3>\n
\n