The Digital Operational Resilience Act (DORA) is the European Union’s (EU) strategic approach to managing systemic risk within the financial system. DORA is designed to improve the cybersecurity and operational resilience of the financial services sector (as of 2025). The paper explains the role internal auditors should play, specifically regarding third-party outsourcing.