Rozporządzenie w sprawie operacyjnej odporności cyfrowej sektora finansowego (DORA)

The Polish Financial Supervision Authority, KNF, has published a press statement in connection with DORA, the Digital Operational Resilience Act, which will apply from January 17, 2025 and impose uniform requirements on financial market players concerning the security of network and information systems supporting their business processes.
Specifically, the KNF informs of a public hearing on DORA which took place on July 13, 2023 and the ongoing consultations on various DORA delegated and implementing acts which may be accessed via the website of the European Banking Authority, EBA, at this address: https://www.eba.europa.eu/esas-consult-first-batch-dora-policy-products.
Due to the significance of DORA and the implications for all financial market participants, the KNF has also drawn up a timetable in which it presents the key dates in connection with DORA. And finally, the KNF has briefly summarized the scope of DORA and the key upcoming requirements, including requirements pertaining to digital resilience testing (e.g. penetration testing), pertaining to risk management with respect to IT service provider and existing dependencies, or pertaining to the reporting of ICT incidents.