ICT Risk Management

From January 2025, DORA will introduce uniform requirements for ICT security, but exceptions for smaller financial institutions will provide a degree of relief. Nevertheless, differences between EU member states will remain due to national implementation leeway.