top of page


Rate their DORA status

Check your needs, those of your stakeholders and the needs of your ICT providers for regulatory compliance requirements.


Arrange an analysis meeting

We speak to each other for 30 minutes, , to get to know each other and to determine your current information security level in relation to DORA. We will then explain the ideal path to DORA compliance that suits your size and needs.


Know and choose your options

You can choose either a standard or bespoke training offering or a fully customized consulting service, we will execute the desired solution.


Meet the more secure you

Based on your optimizations and deeper information security knowledge, you will have a higher level of cyber security and operational resiliencez achieved, die verifiable DORA-Compliance reinforces their trust in your organization and also the trust of customers that your company runs with lower risks as well as interruptions.

Consulting for DORA

Our process at a glance

I would be happy to work with Mr. Salvador and his team again on the next project. Thanks and all the best!

Andreas Freitag, BMW AG

My TISAX® audit went smoothly and was successful right away, we were able to prove our information security according to TISAX® and can now win new automotive customers.

Gaps in our preparation and exam were closed in a timely manner and high quality documents were delivered by Opexa. I can only recommend the team around Klaus Höllerer, Klaus Kilvinger and Thomas Salvador_cc781905-5cde-3194-bb3b-136bad5cf58d.

dr Samir Kadunic, MAASU GmbH

When examining customer requirements in the area of TISAX®, there was an urgent need for advice in the company. Thanks to the help of Opexa Advisory GmbH, we were able to meet our customer requirements and also achieve our goals with significant cost savings.

Opexa Advisory is the ideal partner because of its many years of automotive experience, project know-how and competent, efficient and uncomplicated support.

Herbert Schmidt, Dennemeyer & Co. GmbH

What our clients have to say

Common questions about Financial Services Consulting

We already meet other standards (e.g. ISO 27001, BAIT, VAIT, KAIT) is that an advantage?

This gives you a clear advantage, since an organisational, professional and technical basis for the extended measures according to DORA has already been laid and time and costs are saved.

If an integrated view of the required processes, documents or guidelines and use of the required management systems is possible, so much the better!  

However, you must still be able to demonstrate compliance with the respective standards in the specific audits. 

How long does it take to implement DORA?

Depending on the size, locations, countries, operational quality, structure and measures/standards already implemented in information security, this can take up to 24 months.

Who needs to implement DORA?

Not only the financial institutions but also their third-party ICT providers are expected to implement es to mitigate the risks associated with cyber threats.

What other benefits can we expect?

Your overall information security resilience improves and you have better protection against cyber risks. 

In addition, top management would take personal risks related to compliance and liability if no demonstrable measures are taken to improve and maintain adequate information security to ensure operational resilience.

The Digital Operational Resilience Act (DORA) is a regulation of the European Parliament and Council on the operational stability of digital systems in the financial sector that is in the legislative process. It defines uniform requirements for the security of network and information systems in the entire financial sector, and their local and international ICT partners are also affected! Thus  further developments of the delivery models for IT services are also included, e.g. B. Cloud Services and Infrastructure-as-a-Service. DORA aims to improve information security and strengthen the digital operational resilience of European financial companies . Implementation in national law and regulation is in progress, Banks, insurance companies and ICT service providers must implement the new information security requirements. Early preparation is key to achieving compliant status in a timely manner and avoiding fines. 

Digital Resilience (DORA)
Consistently secure 

Our Partners 

Our DORA consultants guide and support you to ensure your organization meets more complex requirements such as more comprehensive risk management, threat intelligence gathering and advanced security testing.

We support you in the necessary legally compliant setup with:

Car manufacturers often require a valid TISAX® label as a condition for partnership with suppliers and many organizations seek for the right way to reach the TISAX® label. Our TISAX® consultants will guide and support you via consulting or training in every phase of your project to reach the appropriate TISAX® label successfully. We stand for  Automotive Excellence®.

Development of an incident management and efficient reporting processes

Annual testing of critical systems and applications

Appropriate ICT third party management

bottom of page