Frameworks We Support
Deep expertise across major compliance and regulatory frameworks
- DORA: Digital Operational Resilience Act
- ISO 27001: Information Security Management
- PCI DSS: Payment Card Industry Data Security
- AWS Maturity: AWS Security Maturity Assessment
- NIST 800-53: Security & Privacy Controls
- ISO 42001: AI Management System
Our Compliance Services
End-to-end support from initial assessment through to certification and ongoing compliance
Gap Assessments
Comprehensive analysis of your current security posture against required compliance frameworks. Identify gaps and prioritize remediation efforts.
Control Framework Authoring
Development of tailored policies, procedures and control frameworks aligned to your regulatory requirements and business objectives.
Third-Party Risk Management
Third-party provider assessments and ongoing oversight, including security requirements review and exit strategy planning.
Evidence Pack Preparation
Documentation and evidence collection for audit readiness, certification preparation and regulatory submissions.
Mandatory from January 2025
DORA Readiness & Compliance
The Digital Operational Resilience Act (DORA) sets mandatory rules for how financial firms and their technology providers manage ICT risk, incidents, resilience and third-party oversight.
Who is affected?
Financial Entities
- Banks
- Insurance companies
- Investment firms
- Credit unions
- Payment and e-money institutions
- Crypto-asset firms
ICT Providers
- Cloud service providers
- Data centres
- SaaS / analytics vendors
- Credit rating and scoring providers
What We Offer
- Determine if you are in scope
- Rapid gap analysis against the 5 DORA pillars
- Clear remediation roadmap
- Support implementing required controls
- Policies, procedures and evidence packs
- Ongoing continuous compliance support
