Navigating the ESA’s second round of Consultation Papers on DORA

Skip to content
Skip to navigation

Global site
Africa
Americas
Asia Pacific
Europe
Middle East

Locations

Services

Audit

Advisory

Our progressive thinkers offer services to help create, protect and transform value today, so you have opportunity to thrive tomorrow.

See Overview

Aviation Advisory
Our dedicated Aviation Advisory team bring best-in-class expertise across modelling, lease management, financial accounting and transaction execution as well as technical services completed by certified engineers.
Consulting
Our Consulting team guarantees quick turnarounds, lower partner-to-staff ratio than most and superior results delivered on a range of services.
Business Risk Services
Our Business Risk Services team deliver practical and pragmatic solutions that support clients in growing and protecting the inherent value of their businesses.
Deal Advisory
Our experienced Deal Advisory team has provided a range of transaction, valuation, deal advisory and restructuring services to clients for the past two decades.
Forensic Accounting
Our Forensic and Investigation Services team have targeted solutions to solve difficult challenges - making the difference between finding the truth or being left in the dark.
Financial Accounting and Advisory
Our FAAS team designs and implements creative solutions for organisations expanding into new markets or undertaking functional financial transformations.
Restructuring
Grant Thornton is Ireland’s leading provider of insolvency and corporate recovery solutions.
Risk Advisory
Our Risk Advisory team delivers innovative solutions and strategic insights for the Financial Services sector, addressing disruptive forces, regulatory changes, and emerging trends to enhance risk management and foster competitive advantage.
Sustainability Advisory
Our Sustainability Advisory team works with clients to accelerate their sustainability journey through innovative and pragmatic solutions.

Related insights:

Sustainability Advisory Sustainability: A team sport that needs a captain

Is your company searching for a sustainability leader? Learn the key skills for embedding sustainability into your business strategy.

Catherine Duggan

| 4 min read | 03 Apr 2024

Audit

Our audit services can strengthen your business and stakeholders' confidence. You'll receive professionally verified results and insights that help you grow.

See Overview

Related insights:

Asset management Asset management of the future
In today’s global asset management landscape, there is an almost constant onslaught of change and complexity. To combat such complex change, asset managers need a consolidated approach. Read our publication and find out more about what you can achieve by choosing to work with us.

Shona O'Hea
| 1 min read | 21 Feb 2024
Internal Audit Maintaining Compliance with New EU Pension Directive IORP II
On 28 April 2021, the Irish Government transposed IORP II (Institution for Occupational Retirement Provision), an EU directive on the activities and supervision of pension schemes, into law.

| 4 min read | 21 Sep 2023
Risk, Compliance and Professional Standards FRED 82 – Periodic Updates to FRS 100 – 105
The concept of a new suite of standards for the UK and Ireland, aligning with international financial reporting standards, was first conceived in 2002

Stephen Murray
| 5 min read | 13 Sep 2023
Audit and Assurance Auditor transition: how to achieve a smooth changeover
Appointing new auditors may seem like a daunting task that will be disruptive to your business and a drain on the finance function. Nevertheless, there are a multitude of reasons to consider a change, including simply seeking a ‘fresh look’ at the business.

Blaithin O’Neill
| 3 min read | 26 Apr 2023

Tax

Our tax services help you gain trust and stay ahead, enabling you to manage your tax transparently and ethically.

See Overview

Corporate Tax
Our Corporate Tax team is made up of more than 40 highly experienced senior partners and directors who work directly with a wide range of domestic and international clients; covering Corporation Tax, Company Secretarial, Employer Solutions, Global Mobility and Tax Incentives.
Financial Services Tax
The Grant Thornton team is made up of experts who are fully up to date in terms of changing and evolving tax legislation. This is combined with industry expertise and an in-depth knowledge of the evolving financial services regulatory landscape.
International Tax
We develop close relationships with clients in order to gain a deep understanding of their businesses to ensure they make the right operational decisions. The wrong decision on how a company sells into a new market or establishes a new subsidiary can have major tax implications.
Private Client
Grant Thornton’s Private Client Services team can advise you on all areas of financial, pension, investment, succession and inheritance planning. We understand that each individual’s circumstances are different to the next and we tailor our services to suit your specific needs.
VAT
Grant Thornton’s team of indirect tax specialists helps a range of clients across a variety of sectors including pharmaceuticals, financial services, construction and property and food to navigate these complexities.

Related insights:

Tax Tax Facts 2024

Download our simple guide for Irish tax rates, credits and filing deadlines, as well as a summary of the key Irish tax reliefs, for 2024. This guide is updated to include amendments made by Finance Act 2023.

| 2 min read | 24 Apr 2024

Careers

Find out more about our opportunities.

See Overview

Experienced Hires

Looking for a more fulfilling role in professional services? One where fresh thinking, collaboration and diversity are valued? At Grant Thornton we do things...

See Overview

Graduate Programme

We offer a range of graduate programmes to help you thrive in your career. Work with and learn from the best in the business, make a difference and excel by...

See Overview

Undergrad Programme

We offer a fantastic opportunity to kick-start your career with our Summer Internship Programme.

See Overview

Connect

About Us

Grant Thornton Ireland is rapidly approaching 3,000 people, in 9 offices across Ireland, Isle of Man, Gibraltar and Bermuda, and a presence in over 149...

See Overview

Grant Thornton Alumni network

We believe in a connected world — so we created an industry-leading online Alumni Network that focuses on what matters most at Grant Thornton — our people.

See Overview

Events

Browse our schedule of upcoming live events or webinars for the latest thinking from Grant Thornton's subject matter experts.

See Overview

News centre

Explore Grant Thornton's latest press releases and stay informed with our most recent news updates. Our News Centre is your gateway to the latest developments...

See Overview

Subscriptions

Receive the latest insights, news and more direct to your inbox.

See Overview

Background

On December 8, 2023, the European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) launched the public consultation on the second batch of policy mandates under the Digital Operational Resilience Act (DORA). This public consultation covers six policy documents that will establish requirements for financial institutions in the following areas:

The timelines, content and templates for major incident reporting

DORA has set out the requirements for how financial institutions must report security incidents to their competent authorities. It is expected that financial entities establish incident management processes, follow standards on incident reports and report on a voluntary basis significant cyber threats.

The expected content of the ICT related incident reports includes data such as the type of incident, the date and time of the incident, the affected systems, and the potential impact of the incident.

Subcontracting of critical or important functions

The draft RTS provides further requirements on what needs to be considered when subcontracting ICT services supporting critical or important functions. Critical or important functions are those that are essential to the financial institution's ability to operate, or that are subject to regulatory requirements.

We see the RTS go a step further, for example notice periods shall be given in the case of material changes being made to sub-contractor arrangements.

Guidance on costs and losses caused by major incidents

Financial entities may be asked to provide data on the estimated costs and losses that they have incurred because of major ICT related incidents. The draft Guideline defines the process for determining the aggregated costs and losses for major incident, including the reporting requirements.

Threat-led Penetration Testing (TLPT) and the TIBER Framework

Financial entities must conduct regular TLPT exercises to assess the security of their systems and networks. This document defines the criteria for firms who need to conduct TLPT, the testing methodologies to be applied (i.e. TIMER Framework) and the additional requirements for the use of internal testers, including defining a policy on the use of internal testers for TLPT.

Guidelines on oversight between the ESAs and competent authorities

The draft guidelines cover the information and cooperation exchanges between the ESAs and the competent authorities in areas such as language, difference of opinions, designation of critical ICT third-party service providers, oversight activities and follow-up procedures.

Note: Oversight harmonisation and cooperation between ESAs, competent authorities and ICT third-party service providers intend to ensure that there is consistency and cooperation across the EU in the supervision of firms and other entities that are subject to the DORA requirements. Therefore, they will not be considered in this article because firms are not responsible for this oversight.

Enter your details to download the full publication

Navigating the ESA’s second round of Consultation Papers on DORA

Discover the requirements needed for financial institutions on the fast approaching DORA deadline.
Learn how our team of operational resilience and technology experts provide tailored support to tackle the complexities and intricacies of DORA.