In an era where digital resilience is paramount, DORA (Digital Operational Resilience Act) represents a significant step forward in ensuring the financial sector’s digital infrastructure can withstand cyber threats. Compliance with DORA is not just a regulatory requirement but a strategic advantage in safeguarding critical digital operations. However, achieving compliance can be challenging, requiring a comprehensive approach to information security management.
This is where ISO 27001, the international standard for an ISMS (information security management system), is invaluable. ISO 27001 provides a systematic and well-structured approach that can serve as the foundation for organisations aiming to comply with DORA. By aligning ISO 27001’s best practices with DORA’s requirements, organisations can enhance their operational resilience, protect against cyber threats, and ensure the continuity of critical functions in a digital landscape that is constantly evolving.
Delivered by:
Alan Calder
Founder and Executive Chairman, IT Governance
Alan is an acknowledged international cyber security expert and a leading author on information security and IT governance issues.
He founded IT Governance in 2002 and has written more than 20 books on cyber security. Alan’s work draws on his experience leading the world’s first successful implementation of BS 7799 – now ISO 27001 – and is also the basis for the UK Open University’s postgraduate course on information security.
He has been involved in the development of a wide range of information security management training courses that have been accredited by IBITGQ (International Board for IT Governance Qualifications).
Andrew Pattison
Head of GRC Consultancy Europe
Andrew is a distinguished GRC consultant with more than two decades of experience in the UK health sector. His background includes pivotal roles such as IT manager at a large health trust in Northern Ireland and information security manager for a specialist telehealth supplier. An active member of ISACA®, BCS and CSA, Andrew’s expertise spans information security, change management, business continuity and project management. His qualifications include an MSc in Information Systems Management, alongside certifications in Information Security Management Principles (CISMP), Certified Information Security Lead Implementer (CIS LI), Certified Information Security Lead Auditor (CIS LA) and PRINCE2® Project Management.
Andrew’s notable achievements include developing, implementing and managing a certified ISO 27001 ISMS, managing the integration of two ISO 27001:2013 ISMS projects post-acquisition, and leading security for the implementation of secure videoconferencing services within the UK health service.
Cliff Martin
Head of Cyber Incident Response
Cliff leads the Cyber Incident Response Service within GRCI Law. He began his career teaching computer systems and network technologies in further and higher education. He moved into the defence industry, where his main areas of expertise were risk management and accreditation, incident management and response, and secure systems architecture and configuration. Cliff has experience in both IT and OT environments. He understands the complexity of cyber security incidents and their potential impact on the organisation, its users and its customers.
Hosted by:
Adam Seamons
Information Security Manager
Adam specialises in ISO 27001 and security policy improvement. Holding (ISC)2 CISSP® and SSCP® certifications, he has a strong background in security protocols and system administration. Adam’s other qualifications, including PCI DSS Lead Implementer and Certified ISO 22301 BCMS Lead Implementer, highlight his comprehensive understanding of the critical intersections between international standards and regulatory compliance.
Earn CPD points and boost your professional growth
Seize the opportunity to deepen your understanding of DORA and how ISO 27001 can help you comply. Join our expert-led panel discussion to not only enrich your knowledge but also earn a certificate contributing to your CPD (continuing professional development) points.