DORA
ilert GmbH is compliant with Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector (DORA). ilert provides a standard compliance package for EU financial-sector customers (banks, insurers, investment firms, PSPs, etc.).
Documents
DORA Compliance Package — Self-contained dossier mapping ilert's controls to core DORA obligations. Includes key facts, requirements mapping, responsibility allocation, and supporting documentation index.
DORA Addendum — Contractual addendum to ilert's Terms & Conditions covering service levels, data location, security & incident handling, business continuity & exit, audit & regulatory cooperation, and termination rights.
Key facts
DORA "critical" status
Not designated as critical ICT third-party
Incident notification
≤ 4 hours; updates every ≤ 4 hours; post-incident report within 5 business days
Business continuity
Active/active architecture; RTO ≤ 60 min, RPO ≤ 15 min
Resilience testing
Annual external pentest; quarterly vulnerability scans; cooperation with client TLPT
Audit rights
1 remote audit/year free; on-site at agreed cost; additional audits after Major ICT Incidents
Exit & transition
60-day transition period; data export within 5 business days; step-in rights
For the full details, refer to the documents above. For DORA-related inquiries, contact [email protected].
Last updated
Was this helpful?