DORA

Maor's specialists offer essential advice on adhering to The Digital Operational Resilience Act (DORA), a critical regulation within the financial services industry in the EU, focusing on mitigation of cyber threats and recovery mechanisms for ICT-related incidents.

Maor’s specialists can advise your organisation on its cybersecurity obligations under The Digital Operational Resilience Act (DORA). DORA came into force on 16/01/23. From January 2025, EU Financial Services supervisors, including the Central Bank of Ireland, expect firms to be in full compliance with all DORA requirements. The Act harmonises Information and Communication Technology (ICT) risk requirements across the European financial services industry and aims to prevent and mitigate cyber threats while ensuring that financial entities can withstand, respond to, and recover from all types of ICT-related disruptions and threats. With its introduction, financial institutions must follow rules covering their protection, detection, containment, recovery, and repair capabilities against ICT-related incidents.

Implementation

Design, development and implementation of an ISO/IEC 27001:2022-conformant information security management system (leveraging ISO/IEC 27001:2022 best practice guides/codes of practice 27002, 27003, 27004, 27005 and 27007).

Gap Analysis

Provision of an ISO/IEC 27001 gap analysis, resulting in critical insight into your organisation’s current conformance/compliance status against ISO/IEC 27001 and how to bridge any gaps. Essentially, an ISO/IEC 27001 gap analysis provides specific awareness of what needs to be done to attain ISO/IEC 27001 certification, with the added bonus of also understanding your organisation's security position/posture.

Internal Audit Services

Provision of fully ISO/IEC 27001-conformant audit/auditor services (single/recurring audits and/or a “turnkey” internal audit programme), which critically contribute to the mandatory performance evaluation and continual improvement requirements of ISO/IEC 27001.
Our “turnkey” internal audit programme can also include foundational auditor competency development through coaching and mentoring. Additionally, Maor can provide a secure hosting option for its custom-designed, cloud-based audit programme application to further underpin effective and efficient audit management.

Employee ISO/IEC 27001-focused information security training and education

Design, development, delivery, evaluation and continual improvement of ISO/IEC 27001 education and training to meet the dual objectives of assuring suitable, adequate and relevant ISO/IEC 27001 awareness and competency across all ISMS roles, responsibilities and authorities. All our education and training provides suitable and adequate documented evidence of participation and associated competence achievement.

Our ISO/IEC 27001 education and training includes:

· General employee education and awareness.
· Practical implementation (including critical information security risk assessment and treatment).
· Auditor development and mentoring.
· Risk management (including general risk management).
· Top (Senior) management workshops (ISO/IEC 27001 for Top Management).
· ISMS and information security performance evaluation.
· Custom-designed organizational-focused programmes.

Maor's ISO/IEC 27001 education and training services take a collaborative, co-design/co-development approach and are facilitated by internationally experienced practitioners (training and ISO/IEC 27001).