Co DLK dostarcza przy DORA
- ICT risk management framework
- Digital operational resilience strategy, including testing programme
- Governance arrangements
- ICT business continuity policy
- ICT response and recovery plans
- Financial entity’s ICT internal audit plans
- Financial entity’s policy on arrangements regarding the use of ICT services provided by ICT third–party service providers
- Risk scenarios, mapping of information assets and ICT assets, dependencies and interconnections with ICT third–party service providers, specific ICT risk assessment on all legacy ICT systems
- Security policy – data
- Policies and protocols related to strong authentication mechanism
- Procedures for change of ICT management, software, hardware, etc.
- Backup policies and procedures
- Restoration and recovery procedures and methods
- ICT–related incident management process, mechanism to detect promptly anomalous activities
- Strategy on ICT third–party risk
- Exit strategies
- Communication policies for internal staff and for external stakeholders
- Crisis communication plan
- Security awareness programmes and digital operational resilience training