Operations
Operational Resilience Update – Mapping and 3rd Parties
Under Operational Resilience, firms must identify and document the people, processes, technology, facilities, and information essential for delivering important business services, including any third-party relationships that could affect impact tolerance
Read MoreOperational Resilience Update – Impact Tolerances
Under Operational Resilience, firms must set impact tolerances for important business services and regularly review them. The FCA findings recently highlighted a variety of impact tolerances with limited rationale on what constitutes intolerable consumer harm or risks to market integrity, necessitating further clarification
Read MoreOperational Resilience Update – Important Business Services
Under Operational Resilience, firms must identify their important business services and review them regularly. Remember that these are services which, if disrupted, could
Read MoreDelivering DORA in an Asset Management Firm
In our previous post on DORA, we explained what it is, and summarised the content of the four papers that were released on 10th January 2024 explaining what is required. In this article, we take a look at how these translate into practical steps that an asset manager can take…
Read MoreDigital Operational Resilience Act – A Guide for Investment Managers
Compliance with DORA necessitates a multi-faceted approach for investment managers. This regulatory suite aims to bolster the financial sector’s resilience to ICT risks, ensuring that entities like investment managers are well-equipped to manage, report, and mitigate ICT-related incidents and threats efficiently. Below is a comprehensive guide
Read MoreDORA – 3rd Party Technology Outsource Providers
Further to our recent LinkedIn posts on the EU DORA regulation, we thought it would be useful to outline the plans for dealing with 3rd Party technology outsource providers
Read MoreDORA – Risk Management Framework
Further to our recent posts on the EU DORA regulation, we thought it would be useful to outline the Risk Management Framework that firms should be considering:-
Read MoreDORA – Challenges for Asset Managers
DORA may not be uppermost in the thoughts of Asset Managers, but it is a regulation that cannot be ignored if you carry out business in the EU, or with parties falling into
Read MoreThe Five Pillars of DORA for the Financial Services Industry
Further to ISC’s recent posts on the topic of DORA, and following the ESA briefing to financial services industry participants in early February 2023, here are the five pillars upon which DORA is built and which underpin the
Read MoreImportance of Incident Management for Investment Managers in the Context of the European DORA Regulation
In ISC’s last post on DORA regulation, which briefly described the Cybersecurity Requirements, we mentioned the need to respond to security incidents in a timely manner. Here are further details around that
Read More