Keeping with the DORA theme this week, I recently interviewed Carina Myles, a Governance, Risk and Compliance partner in Eisner Amper, about the new regulation.
In the interview, we discuss:
- The main difference between CBoI guidance on Operational Resilience and DORA.
- What DORA means for a firm that is aligned to CBoI guidance.
- What will DORA compliance look like for smaller organisations (e.g. credit unions) vs larger ones?
- The challenges of getting service providers to understand regulatory compliance.
- The common realisation that your IT service provider is not managing your security.
- Why the CBoI guidance on Op Resilience was written with DORA in mind.
- The challenges of the Technical Standards, especially in relation to contracts.
You can watch the interview here on YouTube*.
If you would prefer to listen, the interview will be included in the next episode of The Cybersecurity Without Insanity podcast. You will be able to access it from https://secureandassure.com/podcast or wherever you get your podcasts.
* If you work in an organisation that blocks access to YouTube, let me know. If this is still a common restriction, I will look at publishing these interviews on another platform.