Maintain and manage the Register of Information 

Be prepared for fixing errors indicated by EBA, continuous updating and on demand reporting of the registry. To maintain the Register of Information is an ongoing compliance process. 

The article 28 of the Digital Operational Resilience Act (DORA) includes the obligation to report new agreements to the supervisory authority, as well as presenting the registry upon request and annually. 


The DORA Register
of Information maintenance 

1

Plan

Planning the onboarding and offboarding of ICT suppliers

2

Do

Survey and assessment of new suppliers’ maturity, notifying the authority about new contracts

Check

Data validation, result analysis and reporting on demand

3

Act

Implementing corrections, regenerating reports
and assessment

4
Book a demo

How to fit the Register of Information into
risk management proccess? 

Maintaining and updating the Register of Information is crucial to fulfill legal obligation arising from DORA. Maintaining the Register of Information is part of the risk management framework in accordance with DORA. Within this framework, ICT risk management, incident management, and ICT supplier management are interconnected. You can perform the four listed types of activities in our DORA REGISTER and RIG DORA applications. 

Risk Analysis
and
Assessment 

Data from the register is used to analyze the causes and assess the risk. This helps in developing strategies to prevent similar incidents in the future. 

Incident
Reporting 

The RoI helps to see all connection in the supplier chain and prepare better assessment. This ensures full transparency and allows for reporting to the relevant supervisory authorities. 

Supplier
Management 

The Register of Information contains information about all external ICT service providers, enabling the assessment of risks associated with suppliers and managing dependencies on external entities. 

Business
Continuity 

Updates to the register support business continuity planning by documenting data recovery procedures and plans for restoring functionality after incidents. 

Combine maintaining the Register of Information with risk analysis and business continuity in RIG DORA tool.

Find out more about register and risk management with from our consultant.

Talk to us