ediverse Explorer la plateforme

À la une PEPPOL BIS Billing 3.0 L’obligation européenne d’e-invoicing arrive : France sept 2026, Belgique janv 2026, Allemagne 2025.

DORA-EU-REGULATION-DETAIL

DORA EU Regulation detail compliance regulation modern detailed.

Définition

DORA (Digital Operational Resilience Act) detail couvre les details techniques + scope + obligations de l'EU Regulation 2022/2554 publie 27 decembre 2022 (entry into force 16 janvier 2023, application 17 janvier 2025) qui harmonise les operational resilience requirements financial services entities EU + leur Critical Third-Party Providers (CTPPs incl cloud providers AWS + Azure + GCP + multiple SaaS), comprend ICT risk management + incident reporting + digital operational resilience testing + ICT third-party risk + information sharing. Detail technique + scope d'application + obligations conformite + sanctions non-conformite + processus reporting + impact entreprises in-scope + alignement avec regulations adjacentes nationales + internationales + governance + supervisory authorities + timeline implementation + transitions + jurisprudence + best practices documentation industry adoption.

Origine

EU Regulation 2022/2554 DORA published 27 decembre 2022 ; entry into force 16 janvier 2023 ; application 17 janvier 2025 ; ESAs + ENISA + national competent authorities supervisory.

Exemple en contexte

European bank BNP Paribas implements DORA compliance program 2024-2025 : (1) ICT Risk Management Framework documented + Board-approved, (2) Major incident classification + reporting procedures (e.g., ransomware affecting trading systems triggers 4-hour initial notification + 72-hour intermediate report + final report ECB+ACPR), (3) Threat-Led Penetration Testing TLPT every 3 years on critical systems, (4) ICT third-party risk register all material outsourcing arrangements (cloud + SaaS providers monitored).

Termes liés

Dernière mise à jour: 16 mai 2026