Certified DORA Lead Auditor Module Training Course. From IBITGQ (International Board for IT Governance Qualifications). Live Virtuel. In English. Live Virtuel. In English

Our unique three-day modular training course is designed for those who have completed our ISO 27001 or ISO 22301 five-day lead auditor courses. This will save time and cost in adding DORA-specific auditing competence to your skill set.

It is designed for risk management and compliance professionals responsible for auditing organisations for compliance with DORA (Digital Operational Resilience Act).

You will get a detailed understanding of how to organise and deliver an audit of a financial services organisation, an ICT third-party service provider or sub-contractor to establish their DORA compliance status.

DORA Foundation is a prerequisite to this course. Save time and money by choosing the Certified DORA Foundation and Lead Auditor Module Combination Training Course.

Training course outline

This course explores DORA and its financial-sector relevance. It clarifies oversight roles and responsibilities, including reporting, and situates DORA within the broader regulatory framework.

You will assess security, risk and organisational readiness, linking them to competence, awareness and training. The course covers auditing ICT risk and incident management, business continuity and digital resilience. It also examines testing methods, tools and supply chain processes, including ICT third parties, from operational and legal angles.

You will gain practical skills, DORA-specific knowledge and strategies for exam success.

Enrol in our Certified DORA Lead Auditor Module Training Course today to become a trusted information security auditor. Enhance your organisation’s digital operational resilience, obtain DORA compliance early and gain a competitive advantage.

Expand your knowledge

Our certified DORA training broadens your understanding so you can navigate complex financial regulations with confidence. Build on your existing knowledge and learn to apply your professional skills to integrate DORA into your organisation’s ways of working. 

Propel your career

Gain a valuable C-DORA credential that sets you apart in today’s competitive job market. Be an early adopter of professional certification in this new area of cyber security practice and compliance knowledge to establish yourself as a trusted leader in information security. 

 Professional development

Advance your career by gaining certification in this new and highly sought-after area. Continue to grow, earning CPD points along the way, by attending our webinars and taking training in related areas. 

Increase your influence and impact

Our certified DORA training will give you essential knowledge and insights to make informed decisions in your organisation with confidence and due care. Equip yourself to steer activities that will ensure operational resilience and regulatory compliance.

Achieve regulatory compliance

DORA training enables key employees to understand and apply DORA efficiently within your organisation. Ongoing compliance relies on having a strong group of DORA-trained staff who can maintain and improve systems and practices.

Avoid costly penalties

Minimise the risk of regulatory fines and severe reputational damage by ensuring your organisation’s compliance with DORA before the deadline, thereby safeguarding your organisation’s financial stability.

Strengthen data governance

DORA-certified staff will be able to enhance your organisation’s data governance practices, ensuring regulatory compliance and improving measures to ensure data integrity.

Gain a competitive advantage

Gain a competitive edge by demonstrating compliance early. Compliance signals that you have robust operational resilience and business agility. Improve your market positioning and maintain the respect of shareholders and analysts.

Mitigate risks

Eliminate blind spots and fortify against cyber threats to reduce your liabilities and operational risks, and safeguard against disruptions.

Who should attend this course?

• Managers and professionals in risk management, compliance, audit, ICT and related functions who are responsible for evaluating an organisation’s DORA compliance status.
• Managers and professionals responsible for preparing an organisation for regular audits and for improving or remediating systems and processes to ensure compliance.
• People working for ICT third-party service providers that supply technology services to financial institutions operating in the EU.
• People committed to their continuing professional development with an interest in cyber security best practice

Why instructor-led?

• Focused learning: Concentrated instruction will get you from student to practitioner quickly.
• Real-world relatable: Our qualified instructors are also expert practitioners who share their experiences to bring learning to life.
• Peer support: Take the journey with peers and build a network of DORA practitioners.
• In-the-moment insights: During live training, you can get questions answered on the spot, in context, helping you progress with confidence.
• Perform at your best: Many people learn best in live environments, guided by professionals

What does this training course cover?

The governance, risk and compliance framework

• Roles and responsibilities of key actors within the oversight structure.
• Security standards.
• Gauging an organisation’s risk appetite.
• Evaluating staff competence, awareness and training plans.
• Managing third-party ICT risk.

Evaluating the effectiveness of ICT risk management frameworks

• The overlap between enterprise, operational and ICT risk management frameworks.
• How risk management frameworks and business objectives are linked.
• Assessment processes.
• How to select and deploy control mechanisms.
• Monitoring, evaluating and improving control mechanisms.

• Detection and response processes.
• Resilience strategies and business continuity plans.

Principles and practice of digital operational resilience

• Ways to perform resilience testing.
• Key competencies required for testing methodologies.

Managing third-party risk 

• Identifying and measuring risk.
• Contractual processes.

Information-sharing processes

• Mandatory and voluntary information sharing about cyber threats.
• Processes and procedures.

Exam preparation 

• Overview of the C-DORA LA exam.
• Sample questions and exam practice.
• Exam tips and strategies. 

What’s included in this course?

• Full course materials (digital copy provided as a PDF file).
• A certificate of attendance.
• The C-DORA LA exam.

What equipment do I need?

You will need a laptop for the duration of your course and exam.

Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Are there any prerequisites for this course?

Yes. You need to have taken the one-day Certified DORA Foundation Training Course and passed the C-DORA F exam as well as either:

• Certified ISO 27001:2022 ISMS Lead Auditor Training Course
• Certified ISO 22301 BCMS Lead Auditor Module Training Course

We recommend reading DORA – A Guide to the Digital Operational Resilience Act before attending this course.

Course duration and times

London

• Day 1: 9:30 am – 5:00 pm
• Day 2: 9:30 am – 5:00 pm
• Day 3: 9:30 am – 2:00 pm

Live Online GMT/BST

• Day 1: 8:30 am – 4:00 pm
• Day 2: 8:30 am – 4:00 pm
• Day 3: 8:30 am – 1:00 pm

Certified Digital Operational Resilience Act Lead Auditor (C-DORA LA) exam

Candidates take the Certified Digital Operational Resilience Act Lead Auditor (C-DORA LA) exam set by IBITGQ (International Board for IT Governance Qualifications) at the end of the course. There is no extra charge for this exam.

• Delivery method: Online
• Duration: 90 minutes
• Questions: 40
• Format: Multiple choice
• Pass mark: 75%

What qualifications will I receive?

Certified Digital Operational Resilience Act Lead Auditor (C-DORA LA).

Accreditation

This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.

How will I receive my exam results and certificates?

• Provisional exam results will be available immediately after completing the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
• Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
• Results notifications and certificates are emailed directly to candidates by the relevant exam board; please note that hard-copy exam certificates are not issued.

Subject to change after publishing