🔐 Peter GEELEN’s Post

View my latest verified achievement from PECB.

Excited to share my latest achievement from PECB The Digital Operational Resilience Act (DORA) is a European Union (EU) regulation aimed at ensuring that all participants in the financial system have the necessary safeguards in place to mitigate cyber threats and IT risks. It focuses on enhancing the digital operational resilience of financial entities, including banks, investment firms, insurance companies, and payment service providers. Key aspects of DORA: 1. Risk management: Identify, assess, and manage digital risks. 2. Incident reporting: Notify authorities of major IT incidents. 3. Digital resilience testing: Regularly test IT systems and processes. 4. Third-party risk management: Ensure resilience of third-party providers. 5. Information sharing: Collaborate and share information on cyber threats. 6. Regulatory oversight: Enhanced supervision and enforcement. DORA's goals: 1. Protect financial stability 2. Ensure continuity of financial services 3. Enhance trust in the financial system 4. Promote a culture of digital resilience By implementing DORA, financial entities will be better equipped to: 1. Identify and mitigate digital risks 2. Respond to and recover from cyber incidents 3. Ensure business continuity 4. Meet regulatory requirements DORA is part of the EU's Digital Finance Strategy, aiming to create a more resilient and competitive financial sector in the digital age. For organizations wanting to implement this and other standards to address your compliance obligations, slide into my DM and let's discus #Dora #compliance #DIgitalOperationalResilienceAct

***ATTENTION ATTENTION*** The CMMC Assessment Process or better known as "The CAP" has been published by the CyberAB and assessments are able to start 2 JAN 25. Some of you may ask: What is the CAP? The CAP provides a logical and practical sequencing of activities and actions throughout the four phases of the assessment process to ensure procedural coherence for the parties. The Assessment process is broken down into 4 phases: - Phase 1: Conduct the Pre-Assessment - Phase 2: Assess Conformity to Security Requirements - Phase 3: Complete and Report Assessment Results - Phase 4: Issue Certificate and Closeout POA&M

***ATTENTION ATTENTION*** The CMMC Assessment Process or better known as "The CAP" has been published by the CyberAB and assessments are able to start 2 JAN 25. Some of you may ask: What is the CAP? The CAP provides a logical and practical sequencing of activities and actions throughout the four phases of the assessment process to ensure procedural coherence for the parties. The Assessment process is broken down into 4 phases: - Phase 1: Conduct the Pre-Assessment - Phase 2: Assess Conformity to Security Requirements - Phase 3: Complete and Report Assessment Results - Phase 4: Issue Certificate and Closeout POA&M

View my verified achievement from AICB,

View my verified achievement from AICB,

View my verified achievement from PECB. Sharon has obtained a new certification: DORA Lead Manager from PECB! It's been a challenging journey but we have finally attained this certification. Yes, I am a practicing auditor but vaying for proactive measures that are currently attainable through risk management. DORA in full is the Digital Operational Resilience Act which establishes technical standards to be implemented in their ICT systems. This and more has been captured in the #Certified #DORA #Lead #manager course notes provided by #PECB. The course mainly focuses on: 1. ICT Risk Management: Financial entities are required to establish and maintain robust ICT risk management frameworks to identify, protect, detect, respond to, and recover from ICT-related risks. This includes regular assessments, monitoring, and reporting. 2. ICT-related Incident Reporting: DORA mandates timely reporting of significant ICT-related incidents to the relevant authorities. This includes detailed information about the incident, its impact, and the measures taken to mitigate it. 3. Digital Operational Resilience Testing: Financial entities must regularly test their digital operational resilience, including conducting threat-led penetration testing (TLPT) to identify vulnerabilities and assess the effectiveness of their ICT systems and controls. 4. ICT Third-Party Risk Management: DORA requires financial entities to manage risks associated with their ICT third-party service providers. This includes conducting due diligence, monitoring, and managing dependencies on external ICT providers. 5. Information Sharing: The regulation encourages financial entities to share information on cyber threats and vulnerabilities with their peers and relevant authorities to improve collective cyber resilience. I encourage us to do this course and we build information that all entities need to consider in the policy reviews and process reviews for value creation attained from the overall risk management chain since we all exist in an interconnected system.

View my verified achievement from AICB,

NZISM is a great framework to implement on your cyber-security journey. OPSC can help you: 1. Assess your compliance requirements and identify gaps 2. Develop a plan to integrate NZISM controls 3. Help you implement those controls 4. Train and raise awareness on NZISM Standards