dora-compliance-expert

DORA Compliance Expert

Tools and guidance for Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (Digital Operational Resilience Act — DORA). DORA is a directly applicable EU regulation (applicable since January 17, 2025) covering 20 types of financial entities and their critical ICT third-party providers. This skill assesses readiness against the five pillars, classifies ICT incidents and computes reporting deadlines, and structures third-party risk and resilience-testing programs.

Core Capabilities

  • 5-pillar readiness assessment — score ICT risk management, incident management, resilience testing, third-party risk, and information sharing (0–100 per pillar) with gap analysis and prioritized remediation
  • Incident classification & reporting — classify ICT incidents per Article 18 criteria, determine major-incident status, and compute the 4h / 72h / 1-month reporting deadlines
  • Third-party ICT risk — register structure, Article 30 contractual provisions, exit strategies, and concentration-risk assessment
  • Resilience testing program design — basic testing (12 test types) plus advanced Threat-Led Penetration Testing (TLPT) per the TIBER-EU framework

When to Use

  • Running a DORA gap assessment or readiness scorecard for a financial entity
  • Classifying an ICT incident and confirming reporting obligations to a competent authority
  • Building or auditing an ICT third-party register and contracts
  • Designing a digital operational resilience testing program (basic + TLPT)
  • Determining whether and how DORA applies to your entity

Quick Start

Installs: 92 | GitHub Stars: 314 | First Seen: Mar 10, 2026
dora-compliance-expert — borghei/claude-skills