Euroopa Liidu Digitaalse tegevuskerksuse regulatsiooni DORA võrdlusanalüüs infoturbe standardi ISO/IEC 27001 põhjal

Abstract

The purpose of this Bachelor’s thesis was to analyze the requirements of the Digital Operational Resilience Act based on the ISO/IEC 27001 information security standard. The comparative analysis method was used for the analysis. A brief overview of risk management and digital operational resilience act is described. The comparative analysis is structured as follows. First, the requirements of DORA are described, then the compliance of the ISO/IEC 27001 controls with the DORA requirements and identified deficiencies. In summary, the results of the analysis are presented and recommendations are given on how to implement the regulation based on the ISO/IEC 27001 information security standard.