“Our NCA approval was dependent on a well-defined structure that we had with the almost 600 checkpoints.”
Head of Legal, Crypto Assets startup during MiCAR application in 2025
Can be sliced from micro-enterprise to large enterprise.
We know the critical points that local authorities actually check during their DORA compliance testing and deliver a comprehensive list of checkpoints for all 4 company sizes.
DORA documents are highly individual but it is a huge head start to begin with a solid boilerplate that organizes your path through the regulatory jungle.
Enhance your team by our DORA practitioners on demand.
ALL DORA Projects REQUIRE the same Baseline.
-
DORA overview index
-
1-1_ICT-Risk-Management-Policy.docx
-
1-2_ICT-Strategy / Governance Charter.docx
-
1-3_Roles & Responsibilities.docx
-
1-4_Information Security Policy (ISP).docx
-
2-1_ICT-Asset-Register.docx
-
2-2_ICT-Risk Register.docx
-
2-3_Controls Catalogue / Mapping Matrix.docx
-
2-4_Change Management Procedure.docx
-
2-5_Patch & Update Policy.docx
-
2-6_Access Control Policy.docx
-
2-7_Key Management Policy (Crypto Keys).docx
-
2-8_Logging & Monitoring Policy.docx
-
2-9_Data Classification & Protection Policy.docx
-
3-1_Incident Response Policy & Playbook.docx
-
3-2_Major Incident Notification Template.docx
-
3-3_Business Continuity Plan (BCP).docx
-
3-4_Disaster Recovery Plan (DRP).docx
-
3-5_Backup & Restoration Policy.docx
-
4-1_Penetration Test & Vulnerability Reports.docx
-
4-2_Threat-Led Penetration Testing (TLPT) Plan.docx
-
4-3_Internal Audit & Review Reports.docx
-
4-4_Continuous Improvement Plan.docx
-
5-1_Third-Party Risk Management Policy.docx
-
5-2_Third-Party Register / Outsourcing Inventory.docx
-
5-4_Supplier Audit & Due Diligence Reports.docx
-
6-1_Training and Awareness Plan.docx
-
7-1_Compliance Report.docx
-
7-2_Threat Intelligence Participation Log.docx
-
7-3_Informationregister Report.docx
-
+ several Excel file templates for Asset & Risk Register etc.
