You will get EU DORA (Digital Operational Resilience Act) gap analysis


Project details
The Digital Operational Resilience Act (DORA) will make sure the financial sector in Europe can maintain resilient operations through a severe operational disruption.
INKASEC will conduct an organisational review, gap analysis and will define a detailed implementation framework.
Cybersecurity Expertise
Audit, Cyber Threat Intelligence, Gap Analysis
What's included
| Service Tiers | Starter $750 | Standard $7,500 | Advanced $19,500 |
|---|---|---|---|
| Delivery Time | 1 day | 5 days | 20 days |
| Compliance Plan | - | | |
| Gap Analysis | - | | |
| Implementation | - | - | |
Optional add-ons
You can add these on the next page.
Training
(+ 1 Day)
+$2,900
Frequently asked questions
66 reviews
This project doesn't have any reviews.
Jamie K.
Oct 16, 2023
ISO 27001 Certification
Manoj T.
Oct 14, 2022
60 minute consultation
Nicole S.
Aug 1, 2022
GDPR & CCPA - Website audit
Gleb is really knowledgeable and works fast. Highly recommended!
Jamie K.
Jul 21, 2022
ISO 27001 Certification
Great service and communication - highly recommended
Deena C.
Jun 20, 2022
ISO 27001 Internal Audit
About Gleb
Security, compliance and data privacy expert, multi-cloud architect.
100% Job Success
London, United Kingdom
Let's have a chat to understand your challenges and agree on the way forward.
Expert advice and practical implementation of information security processes and tools. Extensive experience in planning, implementing secure architecture, and providing ongoing 24/7 support for business-critical solutions globally (please check Inkasec agency profile).
- All solutions are cost-optimised while providing high availability, performance and scalability when required - from WordPress, LAMP, Ruby on Rails and similar to Kubernetes, Data Analytics / Warehouse / Lake, VDI / Workspaces. Microsoft and Oracle business applications.
- Multiple cloud migrations (to/from AWS, Azure, Oracle and Google) and management services (IaaS, PaaS, SaaS, including Hybrid environments).
- Post Quantum Cryptography (PQC) technical advisory and assessment.
- Business continuity and disaster recovery planning (BCP and DR) and real testing. The table-top exercises are the same as the theatrical rehearsal for a play that will never be performed as written.
- Threat modelling and Zero Trust framework design and implementation.
- AI security.
- DevSecOps and DevOps with all modern toolsets (from Infrastructure as Code (IaC) with Terraform and CloudFormation, through configuration management with Ansible and Packer, to static/dynamic security code analysis SAST/DAST).
- Complex CI/CD pipelines and release management.
- Design, implement and support compliance needs globally (ISO 27001, ISO 27017-18, DORA, NIS/NIS2, SD-PAC, HIPAA, SoX, SOC2 and PCI DSS).
- Data Privacy - data protection regulation GDPR, California Consumer Privacy Act (CCPA) and Privacy and Electronic Communications Regulations (PECR).
- Risk management, third-party security assessments and questionnaires.
- Software and SaaS escrow.
Challenges that I can help to address:
- Risk management improvement within the technological and organisational space
- Allow working with larger clients as they expect a certain level of vendor compliance to reduce their third-party risk
- Allow more efficient outsourcing for your organisation and manage your third-party risk
- To understand gaps within your current compliance environment and to assist with preparation for a certification audit
Data Privacy - data protection regulation GDPR, California Consumer Privacy Act (CCPA) and Privacy and Electronic Communications Regulations (PECR):
- develop a framework (who does what and why) and associated policies and standards,
- implement data protection by design and impact assessments (DPIA) processes,
- review controls for data processing for customer, supplier and employee data,
- data and system mapping (where personal data is, who has access, anonymisation),
- legal basis identification (consent management, contract, legal obligations, vital interest, public task, legitimate interest),
- develop processes and standards related to individuals' rights (data subject rights: informed, access, rectification, erasure, restrict processing, data portability, object, decision making) as required by the regulations,
- data security (encryption, access controls, etc.),
- International data transfers and Brexit,
- breach notification process implementation,
- third parties' risk assessments,
- legal clauses review,
- cookies (and similar technologies), and
- customer privacy regarding traffic and location data, itemised billing, line identification, and directory listings.
Please note that GDPR / CCPA / PECR is not a one-time exercise or a checklist - it is a way to conduct your business with respect for this fundamental right.
Steps for completing your project
After purchasing the project, send requirements so Gleb can start the project.
Delivery time starts when Gleb receives requirements from you.
Gleb works on your project following the steps below.
Revisions may occur after the delivery date.
Kick off
Project setup and stakeholder agreement.
Overview session
Presentation and Q&A