Does DORA apply outside of the EU? For example, Jersey, Guernsey and Mauritius?
30/08/2023
Although DORA is an EU regulation, you may still be in scope in Jersey, Guernsey and Mauritius. For example, financial services are considered in scope if they provide services to a financial institution in the EU.
While it isn't yet law in the UK, DORA will still likely apply, with authorities hinting that it will become UK law. And where the UK and EU go, others will likely follow.
Whether in the EU, UK, Jersey, Guernsey, Mauritius or otherwise, all organisations should assess whether they will fall within the scope of DORA and what actions they'll need to take to comply.
How will DORA affect the board?
One of the crucial mandates of DORA is that boards of financial services organisations will be accountable for ICT risk by law. This is a big step forward – while cybersecurity is recognised as a board-level risk, it's now codified in EU law.
The board must also be educated on the threats and risks of their digital estate; this means that scrutiny on CISOs and other cybersecurity leaders will likely increase, as will their influence within the boardroom.
How can Comsure help
Link to full DORA requirements: https://lnkd.in/eA8KSEaU - Chapter II practicalities for implementation include:
✅ Article 5 - Governance and Organisation
✅ Article 6 - Risk management framework
✅ Article 7 - Systems, protocols and tools
✅ Article 8 - Identify
✅ Article 9 - Protect and Prevent
✅ Article 10 - Detect
✅ Article 11 - Respond and Recover
Comsure training
- If your organisation is affected by the regulations (see Article 2), Comsure can deliver a self-paced, eLearning course provides education on a risk management framework in line with ISO 31000:
- WE HAVE TRAINING https://lnkd.in/dV_JChb ✅ [contact Mathew for discounts]
- This program teaches HOW to implement the NIST Cybersecurity Framework ([Governance], Identify, Protect, Detect, Respond, Recover):
- WE HAVE TRAINING https://lnkd.in/dfR8nMJX ✅[contact Mathew for discounts]
- Individual self-paced, eLearning NIST Cyber Security Professional (NCSP®) courses can be purchased here:
- WE HAVE TRAINING https://lnkd.in/d4FchTq ✅[contact Mathew for discounts]
Full details of the program are here: www.nistcybersecurityprofessional.website – please get in touch with mathew@comsuregroup.com for discounts available to those in the Channel Islands and Mauritius [other jurisdictions covered – please check with Mathew details below]
- Mathew Beale - Chartered FCSI
- Principal (Director) - Comsure Compliance Limited, Comsure Technology Limited (the "Comsure Group of Companies")
- No 1 Bond Street Chambers, St Helier, Jersey, Channel Islands, JE2 3NP
- Direct Tel: +44 (0) 1534 626841 - Mobile Tel: +44 (0) 7797 747 490
- mathewbeale@comsuregroup.com - www.comsuregroup.com
Sources
The Team
Meet the team of industry experts behind Comsure
Find out moreLatest News
Keep up to date with the very latest news from Comsure
Find out moreGallery
View our latest imagery from our news and work
Find out moreContact
Think we can help you and your business? Chat to us today
Get In TouchNews Disclaimer
As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[www.gov.UK/government/publications/copyright-acts-and-related-laws]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here www.gov.uk/guidance/exceptions-to-copyright]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email info@comsuregroup.com.