Skip to main content

ITRS Group warns firms not to delay in implementing plans to meet EU operational resilience requirements DORA

London, 29 September 2022 – Two years since the European Commission first published its Digital Operational Resilience Act (DORA) in response to a spate of widespread system outages and cyber threats in the financial services sector, the final vote on it coming into full force is expected imminently. 

Over the last two years the Act has gone through a series of revisions, and now in its almost final state, it’s expected to receive plenary approval from the European Parliament in the next few weeks. Upon the Act being approved, firms will have two years to comply with new regulations, however leading software provider ITRS Group (ITRS) is warning that firms should not delay when it comes to implementing plans to meet compliance objectives. 

To prepare for DORA’s requirements, ITRS urges firms to identify any compliance gaps in their ICT systems, determine which of their third-party providers will be considered critical vendors and map their level of risk, implement a testing framework for digital resilience, determine whether their current recovery strategies align with new standards, and put plans in place to improve them where needed.

Commenting on the final approval of DORA, ITRS CEO Guy Warren said: “This is an important first step in the standardisation of operational resilience – across the EU but also the world, with other countries’ regulatory bodies likely to follow suit sooner than many firms might expect. International firms operating in the EU who can get their compliance in order now will be ahead of the game as other regions begin to implement similar standards. 

“Obviously it’s important to recognise that it’s not an easy task to both ensure and report on the resilience of the incredibly complex IT estates of modern businesses – nor should it be. This is why a single, comprehensive and real-time monitoring system across the business IT estate is essential. Having a complete view over all critical business services, plus that of third parties, will allow IT managers and business service owners to identify and mitigate problems before they occur, and track and quickly resolve any issues that do slip through.”

To ensure firms feel prepared for the changes, ITRS has produced a whitepaper which outlines key requirements for businesses to be aware of, including stress testing for digital resilience, comprehensive ICT risk management planning, ICT incident reporting, and third-party service provider risk analysis and documentation.  For more information, download the full whitepaper here.


About ITRS Group

ITRS Group ensures operational resilience for enterprises engaged in transforming their IT estate for a digital future, as well as the ongoing health of their on-premise, cloud-based or hybrid IT estate. By transforming the mass of raw data on performance, resource usage, and cost, ITRS Group’s solutions can detect and actively prevent problems and maximise cost efficiency, reassuring enterprises that their IT estates are running effectively. With experience in legacy technologies as well as the dynamic environment of cloud-delivery, agile development, and service-based architecture, ITRS Group’s people and software serve more than 4500 clients across industry markets. As new disruptors, new technologies, and new regulations continue to shape the marketplace and change the expectations of consumers, ITRS Group offers a best-in-class service and is a source of confidence for the always-on enterprise.

For more information, visit