DORA Knowledge Catalog

Structured mapping of DORA regulatory controls (Articles 5–45) to evidence types, document formats, structured fact schemas, and data availability patterns observed in mid-market European financial institutions.

Source: Regulation (EU) 2022/2554 (EUR-Lex)

DORA Pillars

Pillar 1: ICT Risk Management

Articles 5–16 · 13 controls

Pillar 2: ICT Incident Detection & Reporting

Articles 17–23 · 7 controls

Pillar 3: Digital Operational Resilience Testing

Articles 24–27 · 4 controls

Pillar 4: Third-Party ICT Risk Management

Articles 28–44 · 17 controls

Pillar 5: Information Sharing

Article 45 · 1 control

Availability Pattern Legend

COMMON Most institutions have this evidence PARTIAL Some institutions; often incomplete RARE Few institutions have this