ΠΕΡΙΓΡΑΦΗ

Due to the continuous technological changes, the complexity of ICT and security risks within financial institutions is increasing. Subsequently, the frequency of ICT and security-related incidents is rising which leads to a potentially significant negative impact on the operational functioning of financial institutions. 

Therefore, to manage the vulnerability of financial institutions towards internal and external ICT risks, the EBA issued guidelines to establish how financial institutions should manage and mitigate the ICT risks they are exposed to which came into force in June 2020. In addition, the EBA guidelines aim to provide a better understanding of the supervisory expectations for the management of such risks covering sound internal governance, information security requirements, ICT operations, project and change management and business continuity management. 

To enhance the framework for such risks, the EU adopted the Digital Operational Resilience Act (DORA), which aims to ensure the financial sector in Europe can stay resilient through any severe operational disruption. 

This programme aims to provide an overview of the EBA Guidelines on ICT and security risk management as well as a brief overview of the DORA on the five main pillars that outline requirements and expectations for operational resilience.

ΣΚΟΠΟΣ ΣΕΜΙΝΑΡΙΟΥ

By the end of the programme, participants will:

• Have a good understanding of the main elements of the five pillars of DORA
• Know the processes to be put in place for the ICT and security risk framework based on EBA Guidelines and DORA
• Know what to include in an Information Security Policy
• Understand the ICT-related incident management process, classification and reporting based on DORA
• Know how to establish a sound business continuity management process
• Recognise the establishment, maintenance and reviewing of a sound and comprehensive digital operational resilience testing programme

ΣΕ ΠΟΙΟΥΣ ΑΠΕΥΘΥΝΕΤΑΙ

• Directors
• Senior Managers
• Compliance officers
• ICT specialists/officers
• Financial consultants
• Professionals in the banking sector

ΠΕΡΙΣΣΟΤΕΡΕΣ ΠΛΗΡΟΦΟΡΙΕΣ

Training Outline 

• EBA Guidelines and DORA: scope, definitions and purpose
• Internal governance and internal control framework
• Requirements for information security
• Requirements for ICT project and change management
• Business continuity management and recovery plans
• Five pillars of DORA and what they achieve
• ICT-related incident management process, classification and reporting based on DORA

Training Style 

This programme is designed to deliver high-level knowledge and insights into the EBA Guidelines on ICT and security risk management and DORA. It will strive to enhance participants’ skills and knowledge via lectures supported by power-point presentations. The training style is learner-focused, where participants are encouraged to raise questions, seek clarifications and share their opinions from their different perspectives and engage in an exchange of views and personal professional experiences. 

CPD Recognition 

This programme may be approved for up to 6 CPD units in Banking and Financial Regulation. Eligibility criteria and CPD Units are verified directly by your association, regulator or other bodies which you hold membership.