Please Note: ICTTF Ltd is an independent organisation and is in no way affiliated or associated with the EU

About This Course


90 Days Online Access from 30/01/23
24/7 Access to All Training Material
3-5 Hours Per Module
Self Paced Entirely Online
Online Academy
Delivered Entirely Online
Course Accessible Anytime
Self Paced Learning
€ 499 > early bird €299
(until 30/01/2023)

DORA Course in 1 Minute


Write your awesome label here.
“This is like GDPR on steroids and is the most positive catalyst to improve digital operational resilience in the financial sector ever!” (Paul C Dwyer)
Learn about DORA by becoming a DCCS - DORA Certified Compliance Specialist. Our on-demand course incorporates online exams and is supported with access to live training sessions.
The clock is ticking, the compliance deadline is Jan 17th 2025

Our Partners 


More Info


What does the Course Cover?


The course supports students on a 10 modules journey. You are provided with 24/7 access to all materials and are also supported with access to live learning support sessions. Key Learning Objective: Understand the DORA Regulation and Your Obligations.

"The course offers a clear, concise and accurate synopsis of the regulations that made it easily digestible!"

Jonathan Sullivan

"Another excellent course from the ICTTF. I learned a lot, DORA is going to keep us busy for years!"

 Mark Duggan


Do you want to avoid potential fines of up to 2% of your entity's total annual worldwide turnover?

The Digital Operational Resilience Act, or DORA, is a regulatory initiative carried out by the EU to harmonise Information and Communication Technology (ICT) risk requirements across Europe in the financial services industry.

It builds on existing institutional EU requirements that manage information and communication risks and compliments what is being implemented in the UK and other countries as well.

DORA aims to prevent and mitigate cyber threats and ensure that financial entities can withstand, respond to, and recover from all types of ICT related disruptions and threats.

DORA IS IN FORCE FROM JANUARY 16TH 2023. The clock is ticking, the compliance deadline is January 17th 2025


Explore the Modules


MODULE 1

CYBER THREATS AND THE FINANCIAL SECTOR

o   Overview of Cyber Threat Landscape

o   Digital Economy, Europe and the World

o   OCG Organised Criminal Groups & Geopolitics

o   Financial Sector as Target

o   Integrated and Interdependent

o   Contagion Effect

o   Compliance vs Security

o   Digital Transformation and Innovation

o   Keys to Success: Cyber Risk Management and Collaboration

o   Leveraging Great Work from ENISA and others

MODULE 2

UNDERSTANDING DORA

o   Executive Overview

o   Background and Context

o   Fines

o   Key Dates

o   Other Related Regulations

o   Anatomy of the Document

o   Subject Matter

o   Scope

o   Definitions

o   Proportionality Principle


MODULE 3

ICT RISK MANAGEMENT

o   Executive Overview

o   Governance and Organisation

o   ICT Risk Management Framework

o   ICT Systems, Protocols and Tools

o   Identification

o   Protection and Prevention

o   Detection

o   Response and Recovery

o   Backup Policies and Procedures, Restoration and Recovery Procedures and Methods

o   Learning and Evolving

o   Communication

o   Further Harmonisation of ICT Risk Management Tools, Methods, Processes and Policies

o   Simplified ICT Risk Management Framework

o   DORA Compliance Check List

MODULE 4

ICT RELATED INCIDENT MANAGEMENT, CLASSIFICATION AND REPORTING

o   Executive Overview

o   ICT Related Incident Management Process

o   Classification of ICT Related Incidents and Cyber Threats

o   Reporting of Major ICT Related Incidents and Voluntary Notification of Significant Cyber Threats

o   Harmonisation of Reporting Content and Template

o   Centralisation of Reporting of Major ICT Related Incidents

o   Supervisory Feedback

o   Operational or Security Payment Related Incidents Concerning Credit Institutions, Payment Institutions, Account Information Service Providers, and Electronic Money Institutions

o   DORA Compliance Check List


MODULE 5

DIGITAL OPERATIONAL RESILIENCE TESTING

o   Executive Overview

o   General Requirements for the Performance of Digital Operational Resilience Testing

o   Testing of ICT Tools and Systems

o   Advanced Testing of ICT Tools, Systems and Processes Based on TLPT

o   Requirements for Testers for the Carrying out of TLPT

o   DORA Compliance Check List

MODULE 6

MANAGING OF ICT THIRD PARTY RISK

o   Executive Overview

o   General Principles

o   Preliminary Assessment of ICT Concentration Risk at Entity Level

o   Key Contractual Provisions

o   DORA Compliance Check List


MODULE 7

OVERSIGHT FRAMEWORK FOR CRITICAL THIRD PARTY SERVICE PROVIDERS

  Executive Overview

o   Designation of Critical ICT Third Party Service Providers

o   Structure of the Oversight Framework

o   Tasks of the Lead Overseer

o   Operational Coordination Between Lead Overseers

o   Powers of the Lead Overseer

o   Exercise of the Powers of the Lead Overseer Outside the Union

o   Request for Information

o   General Investigations

o   Inspections

o   Ongoing Oversight

o   Harmonisation of Conditions Enabling the Conduct of the Oversight Activities

o   Follow Up by Competent Authorities

o   Oversight Fees

o   International Cooperation

o   DORA Compliance Check List

MODULE 8

INFORMATION SHARING ARRANGEMENTS

o   Executive Overview

o   Information Sharing Arrangements on Cyber Threat Information and Intelligence

o   DORA Compliance Check List


MODULE 9

COMPETENT AUTHORITIES

o   Executive Overview

o   Competent Authorities

o   Cooperation with Structures and Authorities Established by the EU

o   Cooperation Between Authorities

o   Financial Cross Sector Exercises, Communication and Cooperation

o   Administrative Penalties and Remedial Measures

o   Exercise of the Power to Impose Administrative Penalties and Remedial Measures

o   Criminal Penalties

o   Notification Duties

o   Publication of Administrative Penalties

o   Professional Secrecy

o   Data Protection

MODULE 10

DELEGATED ACTS AND FINAL PROVISIONS

o   Executive Overview

o   Exercise of the Delegation

o   Review Clause

o   Amendments Articles 59-63

o   DORA Application

The Course is for?


IDEAL TRAINING COURSE FOR
Risk Compliance Leader
Comply with EU Regulations
Gaining Recognition
Cyber Risk Management Specialist
Cyber Security and Risk Teams
Collaborate and Support Enterprise

How do you Learn?


The course is delivered entirely online. Students are provided with 90 days access to all the training material and exams.
Training material comprises of rich interactive media such as videos, info-graphics and course notes. There are many opportunities for collaborative learning via the discussion forums and you can leverage the portal to connect to other students around the world. All students also have access to scheduled remote live learning session, with an opportunity to directly liaise with the tutor.
There are 10 modules with 5 online exam in total. The pass score for each exam is 80% and you must obtain an average score of 80% or higher across all activities to be successfully certified. You can re-sit each of the module exams three times if required.

What Support do I Get?


Head Tutor
Subject Expert
Course Manager
One to One Student Support
Technical Support
Available to Solve Tech Issues
Social Learning
Student Network Collaboration
Extended Network of Material
Recommended External Material
Subtitles/CC
Core Module Videos Have Captions

About the Head Tutor


Paul C Dwyer – President of the ICTTF International Cyber Threat Task Force

Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients. As founder and President of the ICTTF International Cyber Threat Task Force he is an advocate for diversity in the industry and leads a community of over 30,000 with a common goal to defeat cyber evil.
Certified an industry professional by the International Information Security Certification Consortium (ISC2) and the Information System Audit and Control Association (ISACA). Approved by the National Crime Faculty and the HTCN High Tech Crime Network. He has worked extensively around the world his diverse career spans more than 30 years working with military, law enforcement and the commercial sector.
Roles have included:
  • President of the ICTTF International Cyber Threat Task Force
  • Co Chairman of the UK NCA National Crime Agency Industry Group
  • Advisor to NaCTSO (National Counter Terrorism Security Office)
  • Advisor to NATO on Countering Hybrid Cyber Threats
  • Advisor to UK Defence Committee DEFCOM in Parliament
  • Deputy Chair – Organised Crime Task Force Industry Group – NI
  • Interim Global CISO for numerous multi national organisations
  • Advisor to numerous governments and intelligence agencies
PAUL C DWYER CEO - BIO
“An eye opening course bringing to life exactly what a CISO is and maybe more importantly what is isn’t. Many lightbulb moments that will help refocus how to better align security with the business, and what it takes to be successful.” Mark Conabeare – CISO Debenhams

“An eye opener giving a global picture backed up with real world examples, Great Knowledge.” Shane O’Reilly – Head of IT – Total Produce

FAQ


How do I get Certified?


Successful certification depends on several factors. The online course includes continual evaluation of your performance and competency.
If you meet all the certification requirements which includes the professional experience prerequisite, adoption of the ICTTF Code of Ethics and successful performance on the required curriculum and competency evaluation, you will be certified and entitled to all of the rights and privileges associated with the designation. You need to re-certify every three years.

Will it Help my Career?


There is a Global IT security skills shortages and it has now surpassed four million according to a recent industry survey.
The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year. This includes 561,000 in North America and a staggering 2.6 million shortfall in APAC. The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.
The global security workforce needs to increase by a staggering 145% to cope with a surge in hiring demand. In Europe, this has come particularly in smaller companies with one-99 employees, as well as those with over 500 employees.
In the report, over half (51%) of cybersecurity professionals said their organization is at moderate or extreme risk due to staff shortages.

Do I need to have a Cyber Security Background?


No, but we recommend you work in the financial sector compliance and/or cyber risk roles.

What is the Course Format?


The DCCS(DORA Certified Compliance Specialist) course is delivered entirely online with recorded videos, exams and live session.

Overview: 
Introduction outlining the features of the online campus portal. Students get an opportunity to complete their online student profiles. Introductions to key support contacts.
Format: Video, MCQ exam
Each module is comprised of the following materials:
  • Videos (Covering the Module Topic)
  • Online Exam
Each module exam contributes equally towards the continuous evaluation of students and form part of their overall assessment and scoring

What is the Pass Mark and How Does the Scoring Work?


The pass mark for successful certification on the DCCS course is 80%.

What is the Cancellation Policy?


Registration: A booking online reserves your place, this does not guarantee your place. Only *payment in full of the course fees will guarantee your place. You will be sent a registration email to complete your profile once payment in full has been received.
Installment Payment Option: If a student has elected to pay by installments, they are fully committed and legally obligated to pay ALL installments outlined.
Course Cancellation: Due to unforeseen circumstances, ICTTF Ltd may be compelled to cancel the course at short notice. In such circumstances, registrants will be entitled to a full refund of their course fee, or the course fee can be credited towards a future course.
Cancellation:

Notice of a registrant’s intention to cancel their registration must be made in writing (sales@ICTTF.org ) to ICTTF Ltd. In such cases, registrants will have the following options:

1) Nominate a replacement to attend in their place. Such notice must be made in writing at least 5 days before the commencement of the course.

2) Defer to a course commencing at a later date. Such notice must be made within 10 days of the commencement of the course and is subject to availability.

Registrants who fail to attend the course will be charged 100% of the full fee.

Substitutions/Replacements:

Where a registrant who has to cancel nominates a suitable replacement to attend in their place, no cancellation penalty will be incurred unless the registrant has already started the course. The suitable replacement must meet the Entry Requirements for the

course.

Fees: Participants wishing to transfer to a later date will be billed a 10% administration fee plus any increase in the price of the course.  

Participants who started the course and wants to nominate a replacement will be billed a 10% administration fee plus any increase in the price of the course.
Changes to Course: ICTTF Ltd. reserves the right to change course content, structure, lecturers and dates.

Where are the Terms and Conditions?


Please follow this link to the Cyber Risk Academy terms and conditions: Terms and Conditions

Where will my Certified Qualification be Recognized?


Our cyber risk certifications are globally recognized. This course has been accredited and benefits from dual certification by the International Compliance Association (ICA) and other respected bodies.