CREDIT UNIONS - REGISTER TODAY

Certified Digital Operational Resilience Officer

Certified Digital Operational Resilience Officer (CDORO)
Credit Union Edition

A focused, two-day live programme for Irish credit union leaders and boards who are accountable for operational resilience, governance, and compliance. Delivered with the Irish League of Credit Unions (ILCU) and led by Paul C Dwyer—an internationally recognised expert in EU DORA and cybersecurity—the course turns regulatory obligations into proportionate, practical actions your organisation can evidence.

Across expert briefings and an immersive tabletop simulation, you’ll translate DORA and NIS2 into board-ready oversight, clear roles and responsibilities, and a measurable resilience programme. You’ll leave with a tested roadmap and the confidence to communicate resilience status to stakeholders, senior management, and the regulator.

What You’ll Gain

Governance clarity: board and senior management duties under DORA (proportional to credit unions).
Practical know-how: incident classification & reporting, resilience testing, ICT third-party risk, and information sharing.
Tools & templates: actionable artefacts to evidence oversight and progress.
Hands-on experience: 2-hour live tabletop exercise tailored to credit union scenarios.

Assessment & certification

Online, open-book exam (50 MCQs) — pass mark 80%, up to 3 attempts.
30 days’ access to course materials and support.
CDORO certification awarded on successful completion.

Who should attend
CEOs, board members/NEDs, and leaders in compliance, risk, IT and operations within Irish credit unions.

Key Topics Covered

Board Leadership & Governance (Articles 5–6)
Roles, accountability, and the evidence the Central Bank of Ireland expects from boards and senior management.
Proportional Compliance for Credit Unions
Applying DORA and NIS2 in a right-sized way: what’s in scope, where to start, and how to avoid over-engineering.
Pillar 1 — ICT Risk Management
Building a living ICT risk register, linking risks to business impact, and mapping controls to frameworks (e.g., NIST CSF/ISO 27001).
Pillar 2 — Incident Management & Reporting
Classification thresholds, response playbooks, internal/external communications, and timely reporting to the regulator.
Pillar 3 — Digital Operational Resilience Testing
Proportionate testing (BCP/DR, scenario and technical tests), remediation tracking, and “prove it, don’t just say it.”
Pillar 4 — ICT Third-Party Risk Management
Due diligence, resilience clauses and audit rights, concentration risk, ongoing monitoring, and exit strategies.
Pillar 5 — Information Sharing & Sector Collaboration
Trusted intelligence sharing, ILCU/sector initiatives, and how collaboration strengthens early warning and response.
Live Tabletop Exercise (2 hours)
Credit-union-specific scenario to test decision-making, escalation, communications, and DORA reporting under pressure.
Tools, Templates & Technology (incl. CyberPrism)
Practical artefacts to evidence oversight and progress; using platforms to assess readiness, track actions, and create audit-ready trails.
Measuring & Evidencing Resilience
Maturity baselines, KPIs/KRIs, dashboards and board reporting that stand up to scrutiny.
Ongoing Education (Article 13)
Role-based training expectations and how to demonstrate continuous learning and competence.

Who should attend

This course is tailored for Irish credit union leaders and boards who are accountable for digital operational resilience, governance, and compliance. It’s ideal for those who must interpret and evidence DORA/NIS2 obligations in a proportionate way.

Typical attendees include:

CEOs, General Managers, and Board/NED members
Head of Compliance, Head of Risk, MLRO
IT/Operations leaders (CIO/CTO/IT Manager, Operations Manager)
Internal Audit and assurance leads supporting board oversight

Pre-requisites

There are no formal prerequisites. A working familiarity with your credit union’s governance, risk, and incident processes is helpful. Prior certifications (e.g., DCCS – DORA Certified Compliance Specialist) are beneficial but not required.
Tip: Bring (or have access to) your incident response plan and key supplier/outsourcing terms for the tabletop exercise and practical sessions.

How will I learn?

You’ll learn through a mix of expert-led briefings, interactive discussions, and credit-union–specific case studies, with a strong focus on practical application.

Live sessions: Clear, board-level guidance on DORA/NIS2 with Q&A and peer discussion.
Hands-on practice: A 2-hour tabletop simulation to rehearse decision-making, escalation, and regulatory reporting under pressure.
Tools & templates: Practical artefacts you can take back to your credit union, plus a CyberPrism demo to show how to assess readiness and evidence oversight.
Online learning: 30 days’ access to slides, templates, and support so you can revisit key concepts at your own pace.
Assessment: Open-book online exam (50 MCQs, 80% pass, up to 3 attempts) to consolidate learning and earn certification.

Learning outcomes

By the end of the CDORO — Credit Union Edition you will be able to:

Explain board and senior management duties under DORA (and how NIS2 intersects), applying proportionality for Irish credit unions.
Assess your current posture by building a living ICT risk register (Pillar 1) and mapping controls to recognised frameworks (e.g., NIST CSF / ISO 27001).
Design and evidence incident readiness (Pillar 2): classification thresholds, response playbooks, communications, and timely reporting to the CBI.
Plan and oversee proportionate testing (Pillar 3): continuity/DR, scenario and technical testing, with remediation tracking and clear ownership.
Manage ICT third-party risk end-to-end (Pillar 4): due diligence, resilience clauses and audit rights, performance monitoring, concentration risk, and exit planning.
Leverage sector collaboration (Pillar 5): participate in trusted information-sharing to strengthen early warning and coordinated response.
Produce board-ready reporting: KPIs/KRIs, dashboards, and artefacts that stand up to audit and supervisory review.
Build a 12-month resilience roadmap with milestones, owners, and metrics tailored to your credit union.
Use practical tools & templates (incl. CyberPrism) to track status and evidence ongoing oversight.
Meet education and assurance expectations by completing the open-book online exam (50 MCQs; 80% pass; up to 3 attempts) and planning role-based ongoing training.

Your Instructor is Paul C Dwyer

Global Authority on Digital Operational Resilience, Cybersecurity & Financial Sector Compliance
Author | Advisor | Educator | Entrepreneur | Thought Leader

Paul C Dwyer is recognised as one of the world’s foremost experts in cybersecurity, cyber risk, and digital operational resilience. As President of the ICTTF – International Cyber Threat Task Force – and CEO of Cyber Risk International, Paul has advised and supported the strategic resilience of governments, global financial institutions, defence agencies, and critical infrastructure operators for over 30 years.

Paul is the creator and head tutor of the DCCS – DORA Certified Compliance Specialist course, the de facto industry standard for financial professionals seeking to understand and implement the EU Digital Operational Resilience Act (DORA). With over 1,000 alumni worldwide, the DCCS is endorsed by leading industry bodies including the International Compliance Association (ICA). In parallel, Paul authored the essential guide Navigating DORA: A Financial Executive’s Roadmap to Compliance and Resilience – regarded as the definitive playbook for senior leaders tackling digital resilience challenges.

A trusted advisor to NATO on countering hybrid cyber threats, Paul has also provided strategic counsel to the UK Government’s Defence Committee (DefCom), the National Counterterrorism Security Office (NaCTSO), and led digital operational resilience strategies for tier-one banks, insurance providers, and regulators. His career spans roles including Interim Global CISO, Board Advisor, and Chair of multiple resilience and cyber governance programmes across jurisdictions.

Paul is also the founder of the EU DORA Summit – Europe’s premier platform for senior financial sector leaders navigating digital operational resilience – and the visionary behind DORAGPT, a generative AI tool hailed as the “Swiss Army Knife of DORA compliance”.

A certified practitioner in cybersecurity (ISC2, ISACA), governance, and risk, Paul is a Fellow of the Irish Computer Society and holds a Diploma in Corporate Governance from the Corporate Governance Institute. He is also certified by Harvard as a Higher Education Teaching Specialist.

With a background that bridges technical mastery, legal acumen, and board-level strategy, Paul brings a unique blend of experience to every engagement. Whether educating the next generation of resilience professionals or designing frameworks for systemic stability, Paul’s mission is clear: to empower organisations to not just comply, but to thrive in the face of digital disruption.

Course Schedule

What does the course cost?

Standard price: €3,499 (training; no VAT applies)
Early bird: €2,499
Exclusive ILCU member rate: €2,250 — book via our partner at www.culearn.ie to access member pricing and any additional promotions.

What’s included: Two full days of training, refreshments and lunch, 30 days’ online access to materials and support, and the online open-book exam (50 MCQs; 80% pass; up to 3 attempts). Accommodation is not included.

Note: This course is not eligible for CPD hours under the ILCU CPD scheme. Places are limited—early booking is recommended.

CDORA Course Agenda

LINKS

HEAD OFFICE

ICTTF Ltd
Unit 8, Kinsealy Business Park,
Kinsealy Lane,
Malahide,
Co Dublin
K36 CX92
info@icttf.org
support@icttf.org
+353 (0)1 905 3263

Certified Digital Operational Resilience Officer