The European Union’s Digital Operational Resilience Act (DORA) affects Internal Audit in insurance companies, as it sets direct and indirect standards for the internal audit function. The deadline for meeting DORA requirements is 17 January 2025, and both financial institutions and service providers
across the industry are feeling the pressure.
The aim of this paper is to provide internal audit functions with an overview of the status approximately six months before the regulation’s due date, what activities from internal audit functions are required by DORA directly, as well as what practices companies are adopting to comply with DORA and how internal audit can give assurance.
The views and opinions expressed do not necessarily reflect the official policy or position of any agency or organization on DORA. The information contained in this paper reflects a general informative view on DORA and its potential impact on Internal Audit.
