DORA Gap Analysis Tool

Mapping against DORA requirements

The DORA Gap Analysis Tool will help your organization quickly map your current policies, processes, and procedures against the requirements of DORA (Digital Operational Resilience Act) through a series of questions.

DORA came into force on 16, January 2023. It applies to financial-sector EU organizations and those that have operations within the EU from 17, January 2025. DORA sets out the importance of demonstrating risk management, incident management, and supply chain security operations, which can vary for financial organizations. As there are a wide range of financial entities with differing requirements, the DORA Gap Analysis Tool tailors a gap analysis to your requirements and operations from the entered organization type.

Our tool is a straightforward first step in understanding your organization’s compliance gaps to help prioritize and navigate your next steps, as well as supporting your ongoing assessment of compliance. The executive summary tab automatically analyzes inputted responses to give an overall overview and by chapter, as well as more detailed analysis per article for an effortless review of your compliance gaps.

What does the tool provide?

• A self-assessment questionnaire covering requirements pertaining to chapters 2–6 of DORA
• An applicability criteria tab for responding ‘yes’ or ‘no’ to organization-type options, to tailor the tool to the entered responses
• An Excel workbook separated into five tabs for the available chapters: Chapter 2, Chapter 3, Chapter 4, Chapter 5, and Chapter 6
• An executive summary tab with two analysis areas: an overview by each chapter and an overall summary, and a detailed percentage tracker for each article per chapter
• A clear indication of compliance and a comprehensive analysis of your compliance against DORA to help you plan and prioritize compliance gaps effectively

For more information, read our FAQ.