DORA for ICT suppliers: what do you need to know?


The Digital Operational Resilience Act (DORA) is a European regulation that has been in effect since Jan. 17, 2025 and aims to increase the digital resilience of financial institutions.

This legislation sets requirements for the security of network and information systems so that they can withstand disruptions and cyber attacks. Although DORA is aimed primarily at financial institutions, it also has significant implications for IT vendors that provide services to these institutions.

Impact on IT vendors

DORA applies to a wide range of ICT services provided by ICT suppliers to financial institutions within the EU. These include Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS), software, cybersecurity services, data center services, data analytics services and managed services such as network management. Even digital doorbells, thermometers and card payment terminals can qualify as ICT services under DORA.

Obligations for IT vendors

At all times, a financial institution is responsible for complying with and monitoring its obligations under DORA. Financial institutions will therefore contact their existing and potential ICT suppliers to ensure that those suppliers comply with information security standards.

ICT vendors can expect the following topics to be addressed:

  • Risk assessment and due diligence: Before contracting, the financial institution should conduct due diligence to ensure that the IT vendor is suitable and meets information security standards.
  • Continuity and resilience: Assessment of the IT vendor's risk management and business continuity measures to ensure the operational resilience of the financial institution.
  • Subcontractors: Requests from the financial institution for information on the IT vendor's use of subcontractors.

DORA introduces new requirements and contractual adjustments that ICT suppliers must implement to support their customers in increasing their digital resilience. It is essential for ICT suppliers to be aware of these obligations and take proactive measures to meet the requirements of DORA.

At Analyst ICT, we have prepared ourselves by ensuring that we comply with the ISO 27001, NEN 7510 and ISO 9001 standards. We would be happy to discuss with you what this all means and how we have arranged it. Superlogic, right?
