DORA Boardroom Training

DORA Executive Training for Board Members

Board members in the financial sector are expected to meet new requirements under the Digital Operational Resilience Act (DORA). If your organization falls under this regulation, you are legally accountable for cybersecurity.

DORA requires that board-level executives understand cybersecurity and can speak to it with confidence. To support this, the regulation mandates periodic cybersecurity training.

De Clercq Lawyers and Bureau Veritas Cybersecurity offer a focused DORA Boardroom Training. This one-day session provides practical insight into protecting your organization's digital infrastructure against cyber threats. Upon completion, you will meet DORA’s training requirement and receive a certificate.

The DORA Boardroom Training is a collaboration between De Clercq Lawyers and Notary and Bureau Veritas Cybersecurity's cybersecurity experts.

Why the DORA Boardroom training?

• Comply with the DORA obligation for directors to obtain sufficient knowledge of the subject.
• Acquire sufficient knowledge and skills to identify security risks.
• Learn basic cyber hygiene practices.
• Gain insight into the cybersecurity risk management measures that organizations must take as a minimum based on DORA.
• Acquire sufficient knowledge and skills to assess appropriate and proportionate technical, operational and organizational risk management measures.
• Gain sufficient knowledge to limit the consequences of security incidents.

Target group: directors

Are you a director supervising compliance with the legal obligations arising from DORA? Then this training is designed for you. You can follow this training together with the Chief Information Security Officer (CISO) or other person(s) responsible for cyber security, so that you better understand each other's knowledge and responsibilities.

After this course, you as a director can better approve risk management measures and monitor compliance. You can also follow the session with the entire board.

Program DORA Boardroom Training

The training covers one day from 9:00 AM - 4:00 PM at a location of your choice. Alternately, legal and cybersecurity experts provide the modules.

If your CISO is present, you can immediately enter into a dialogue with them. In that case the training will be able to focus on specific issues within your organization. After completing the training, each participant will receive a certificate. The training covers the following topics:

Module 1: Introduction to DORA

• What is DORA?
• Who does DORA apply to?
• What does DORA mean for organizations and their administrators?
• As a director, how can you monitor compliance?
• Timeline of DORA
• Relationship of DORA to other laws and regulations

Module 2: Handling cybersecurity risks

• Cyber ​​crime and cyber risks
• How do you identify cybersecurity risks?
• When is information security appropriate from a legal and cybersecurity perspective?

Module 3: You were attacked, what do you do?

• Incident response in practice
• Business continuity in practice
• Importance of legal in incident response
• Ransomware payments

Module 4: Testing (digital) resilience

• Application and infrastructure testing
• Physical testing
• Business continuity and disaster recovery
• Crisis Management

Module 5: Managing ICT-risks of third parties: supply chain security

• Importance of cybersecurity in the supply chain
• How do you ensure cyber security in the supply chain?
• Legal points of interest regarding contractual reporting obligations and audit rights

Module 6: Governance and organization

• Responsibilities board
• Responsibilities supervisory board

About our partner De Clercq

De Clercq Lawyers and Notary specializes in IT, Privacy and Cybersecurity. The team helps clients with a wide range of legal issues related to cybersecurity, including cybersecurity regulations.