CISA· ISACA
Certified Information Systems Auditor (ISACA)
ISACA’s CISA targets IS audit. 5 domains, ITAF and COBIT, 2,300+ questions with AuditBot explanations.
Term DefinitionCompliance
DORA Regulation
Digital Operational Resilience Act — EU regulation on digital operational resilience.
DORA (EU Regulation 2022/2554) applies to financial entities (banks, insurers, asset managers, etc.) and their critical ICT third-party providers (CTPPs). Applicable since January 2025, it covers 5 pillars: ICT governance, ICT risk management, incident reporting, digital operational resilience testing, and ICT third-party risk management. It is one of the most demanding regulations for the European financial sector regarding technology risk.
📌 Key points
- Applicable since January 17, 2025 — no additional transition period
- 5 pillars: ICT governance, risk management, incidents, resilience testing, third-party risks
- CTPPs (critical tech providers) are directly supervised by EU regulators
- Mandatory resilience tests: TLPT (Threat-Led Penetration Testing) for significant entities
- Fines up to 1% of global daily turnover for non-compliant CTPPs
Related certifications
These certifications cover the concept of "DORA Regulation" in depth.
CRMA· IIA
Certification in Risk Management Assurance (IIA)
IIA’s CRMA specialises audit on risk management (ERM, COSO ERM 2017, Three Lines Model). Single 10-week exam path.
🔗 Related concepts
ComplianceFrameworksFrameworksFrameworksRisk
NIS2 Directive
EU directive on the security of network and information systems — revised version.
ISO 27001
The international standard for Information Security Management Systems (ISMS).
NIST CSF
NIST Cybersecurity Framework — the US reference for managing cyber risks.
GRC Platform
Integrated software to manage Governance, Risk, and Compliance in one place.
Enterprise Risk Management (ERM)
An integrated, holistic approach to identifying and managing all organizational risks.
📖 Related articles
Master this concept and more
Start your GRC certification journey today.