Article 7, ICT Systems, Protocols And Tools, Digital Operational Resilience Act (DORA)

Overview

In order to address and manage ICT risk, financial entities shall use and maintain updated ICT systems, protocols and tools that are:

(a) appropriate to the magnitude of operations supporting the conduct of their activities, in accordance with the proportionality principle as referred to in Article 4;

(b) reliable;

(c) equipped with sufficient capacity to accurately process the data necessary for the performance of activities and the timely provision of services, and to deal with peak orders, message or transaction volumes, as needed, including where new technology is introduced;

(d) technologically resilient in order to adequately deal with additional information processing needs as required under stressed market conditions or other adverse situations.

Summary Of Article 7

Article 7 of the Digital Operational Resilience Act (DORA) mandates financial entities to maintain updated ICT systems, protocols, and tools to effectively manage ICT risks. These systems must be tailored to the scale and complexity of the entity’s operations, following the proportionality principle outlined in Article 4. They are required to be reliable, with sufficient capacity to process necessary data accurately and manage peak transaction volumes, even during stressed market conditions or when introducing new technologies.

Technological resilience is a key requirement, ensuring that these systems can handle additional information processing demands under adverse situations. The aim is to support uninterrupted service delivery and maintain the operational integrity of financial entities. By focusing on reliability, scalability, and resilience, Article 7 ensures that ICT systems are equipped to adapt to evolving challenges while protecting critical processes and data.

This article reinforces DORA’s broader mission to enhance digital operational resilience in the financial sector, ensuring entities are prepared for both routine operations and unexpected disruptions. It underscores the importance of robust technological frameworks as a foundation for stable, secure, and efficient financial services.