DORA diagnostic for ICT vendors

Select the coverage level for each requirement. The score highlights priorities before answering a financial entity.

Readiness checklist

The grid covers controls expected by financial clients: governance, security, continuity, subcontractors, data location, incident notification and evidence traceability.

GovernanceA vendor DORA owner is appointed and has a clear mandate. Yes Partial No

GovernanceICT services provided to financial clients are mapped by criticality. Yes Partial No

ContractArticle 30 obligations are covered in contract templates. Yes Partial No

SecurityAccess controls, encryption, logging and access reviews are documented. Yes Partial No

ResilienceRTO/RPO targets are defined, tested and linked to critical services. Yes Partial No

IncidentsThe client incident notification process is documented with deadlines and contacts. Yes Partial No

OutsourcingMaterial subcontractors are identified, monitored and notifiable to the client. Yes Partial No

EvidencePolicies, test reports, attestations and continuity plans are ready to share. Yes Partial No

DataProcessing locations and transfers outside the EEA are documented. Yes Partial No

ExitAn exit assistance and reversibility plan is available. Yes Partial No

Score: 0%

Monetization placements are ready for AdSense and affiliate links, disabled until IDs are provided.

Prepare DORA evidence without scattered spreadsheets. robots.txt sitemap.xml ads.txt