This course provides an in-depth overview of the European Banking Authority (EBA) Guidelines on ICT and Security Risk Management, a key framework designed to strengthen digital resilience in the financial sector. As financial institutions undergo rapid digital transformation, the risks associated with information and communication technology (ICT) and cybersecurity have intensified. These guidelines establish a harmonized approach across the EU for governance, risk management, incident handling, and oversight of ICT operations and third-party providers. Participants will explore the objectives, scope, and practical requirements of the guidelines, including ICT governance structures, risk assessment and mitigation, operational best practices, business continuity planning, cybersecurity strategies, and audit expectations. The course also examines case studies and emerging technologies, providing learners with actionable insights to enhance resilience and regulatory compliance in an evolving digital landscape.
- Teacher: Constantinos Avgoustou
This course offers a comprehensive overview of the Digital Operational Resilience Act (DORA), the European Union’s landmark legislation designed to strengthen the financial sector’s ability to withstand and recover from ICT-related disruptions. With financial services increasingly reliant on digital infrastructure, DORA creates a harmonized framework for managing cyber risks, operational resilience, and third-party dependencies. Participants will explore the Act’s key components—including incident reporting, resilience testing, ICT third-party risk management, information sharing, and oversight mechanisms—and examine practical applications and case studies that highlight implementation challenges and solutions. The course equips learners with the knowledge and tools to ensure compliance with DORA while enhancing their institution’s operational resilience, safeguarding market integrity, and protecting consumers in an evolving digital landscape.
- Teacher: Constantinos Avgoustou
This course provides an in-depth analysis of the EU Digital Operational Resilience Act (DORA), Regulation (EU) 2022/2554, which establishes a harmonised framework for ICT and cyber resilience across the financial sector. It examines the scope of DORA, its five key pillars, and the organisational impact on financial institutions, ICT providers, and supervisory authorities. The course covers ICT risk management, incident reporting, resilience testing, third-party risk, and information-sharing obligations, alongside proportionality principles and “security by design” requirements. Participants will also explore related EU legislation (NIS2, CRA, AI Act, DSA), the evolving geopolitical and cyber threat landscape, and practical compliance challenges, including the new reporting obligations for Registers of Information (RoIs).
- Teacher: Dr. Marios Kyriacou
