Use case /
Compliance to digital operational resilience act (Dora)
Context & objectives
In the context of the compliance to the Digital Operational Resilience Act, our mission was to design and deploy the DORA process and DORA reporting to ensure Ageas regulatory compliancy reporting under the supervision of the Group CRO and the Portugal CRO.
Client
Ageas is a BEL20 company, with 44.000 employees, providing insurance solutions and services to 47 million clients in Europe and Asia and achieved a Net Operating Result of € 1,2 Bn in 2023
Keyrus role
- Blueprinting of the Target Operating Model & reporting processes for DORA
- Drive the tool selection process and provide guidance in the final choice (software shortlist, demo, scoring, final choice)
- Definition of the roadmap for the implementation phase
- Program Management for the implementation of the target processes, data flows, governance and support material (architecture, systems, documents…)
- Delivery of key program components such as TOM, TCO, implementation plan, risks assessment, …
Benefits
- Improved ICT risk management practices at Ageas level, including better management of incidents thanks to the clear guidelines and governance in place
- Fluid communication between, the stakeholders and the CRO Office
- Cost effective implementation (vs. Big4 proposals)
- On-time and under control execution of the DORA compliance program
- Avoidance of internal conflicts
🎯 Assignment metrics
- 2 Senior Manager
- 1 Junior Consultant
- Assessment: 15 weeks
- Target definition: 4 weeks
- Implementation: 8 months
💻 Technologies
NA