Webinar Replay: Preparing now for the Digital Operations Resilience Act

From January 2025, the Digital Operations Resilience Act (DORA), an EU Directive on digital operational resilience for the financial sector, will apply in full. Institutions for Occupational Retirement Provision (IORPs) are in scope for DORA, so governing bodies must ensure that the IORP has an effective risk management system for Information and Communication Technology (ICT) risks. Corporate sponsors will also be keen to ensure the IORPs they support are taking the necessary steps to comply.

DORA places great emphasis on the overall responsibility of the governing body for digital operational stability. For IORPs the issue of cyber risk is first and foremost a governance issue, not a technology issue. Governing bodies are not expected to understand the technology underlying cyber risk any more than they are expected to understand the intricacies of actuarial calculations or the analysis behind managers building an equity portfolio. But they are expected to understand the implications for their IORP and be able to ask the right questions

Key discussion points include:

• The steps your IORPs should be taking now to comply with DORA
• Aon’s cyber resilience framework and how it helps our clients adopt best practice in managing this key risk
• How IORPs, their governing bodies and their corporate sponsors can be as prepared as possible to navigate a pensions ICT incident