Zum Inhalt springen

Resilience Platform

Finanzinstitute behalten die Kontrolle über ihre aufsichtsrechtliche Resilienz.

Vom regulatorischen Signal zur prüfbaren Maßnahme, vom Nachweis zur Managemententscheidung – DORA, NIS2, MaRisk, ISO 27001 und Cyber Risk in einem durchgängigen Arbeitsraum.

Entry Paths

Understand regulatory changes

Check current signals in the Regulatory Radar, identify affected frameworks, get automated impact analysis.

Open Radar →

Steer implementation

Filter the controls catalog, prioritize measures, set up test programs, assign responsibilities.

Open Catalog →

Prepare evidence

Bundle evidence packs, document human gates, maintain decision log, create exports with SHA-256.

Open Evidence Ledger →

2026 Highlights

Neue Module für Ihr Resilienz-Management

Fünf neue Arbeitsräume, die speziell auf die aktuellen regulatorischen Anforderungen und Prüfungsschwerpunkte 2026 zugeschnitten sind.

Neu

DORA Exit & Portability Workspace

Steuern Sie Exit-Übergänge und Datenportabilität für IKT-Drittdienstleister – vollständig DORA-konform mit dokumentierten Übergabeprotokollen.

Mehr erfahren
Neu

DORA Resilience Testing Cockpit

Planen, steuern und dokumentieren Sie Ihr gesamtes DORA-Testprogramm – von der Bedrohungsanalyse bis zum TLPT-Bericht.

Mehr erfahren
Neu

Informationsregister Readiness 2026

Bereiten Sie Ihr Informationsregister auf die neuen Anforderungen 2026 vor – mit vollständiger Inventarisierung aller IKT-Assets.

Mehr erfahren
Neu

Rollen-Dashboard

Aufgaben, Maßnahmen und Fristen nach Rollen sortiert – Geschäftsleitung, Compliance, IT-Sicherheit, Revision und Fachbereiche.

Mehr erfahren
Neu

Evidence & Maturity Crosswalk

Mappen Sie Ihre Nachweise auf alle relevanten Standards – DORA, NIS2, MaRisk, ISO 27001 – und messen Sie den Reifegrad.

Mehr erfahren

106

Module

107

Sollmaßnahmen (Gesamtkatalog)

107 im Sollmaßnahmenkatalog

116

Evidence-Items

962

Routen & Exporte

Fachmodule

Alle Module auf einen Blick

Durchgängige Arbeitsräume für jedes regulatorische Thema – von der Inventarisierung bis zum Prüfungsnachweis.

Operationalize DORA

From ICT risk management to incident management to third-party risks: transform requirements into actionable control and evidence logic.

Mehr erfahren

Integrate MaRisk Seamlessly

Interlock governance, outsourcing management, risk control and internal audit with DORA and information security requirements.

Mehr erfahren

Use ISO 27001 as Control Anchor

Leverage ISO/IEC 27001:2022 as international reference for management system, controls, evidence and continuous improvement.

Mehr erfahren

Manage Cyber Risk

12 control objectives for systematic cyber security — from identification through protection and detection to response and recovery. Fully aligned with DORA and ISO 27001.

Mehr erfahren

NIS2 Readiness

EU 2022/2555: Scoping assessment, governance, cyber risk management, incident reporting and supply chain security.

Mehr erfahren

Governance & Decision Log

Human Gates for management decisions and risk acceptance. Structured Decision Log for all critical approvals.

Mehr erfahren

Incident & Crisis Playbooks

Structured playbooks for ICT incident triage, ransomware, cloud outage, third-party incidents and crisis team activation.

Mehr erfahren

AI Governance

Internal Agent Registry with input/output specifications, Human Gates, data classification and review obligations.

Mehr erfahren

Open Source & SBOM

DORA-compliant management of open source usage, SBOMs, vulnerabilities, patch decisions and supplier requirements.

Mehr erfahren

Regulatory Radar

What's important this week?

Current regulatory signals of the current calendar week with impact on DORA, MaRisk, EBA, BaFin, Third-Party Risk, Information Register and Evidence.

Current Week: No New Signals

No new radar signals are available for this calendar week yet. All regular signals are continuously maintained in the archive.

Role Paths

Guided navigation for different roles in the financial institution

Each role receives specific entry points, relevant modules and recommended working methods for their specific responsibilities.

Executive Board

Key question: How do we ensure our ICT resilience meets regulatory requirements and protects our business?

Relevant modules: DORA Test Programme, Information Register Readiness, MaRisk Impact, Evidence & Maturity

Recommended entry: DORA Test Programme

Compliance

Key question: How do we ensure the timely and complete submission of all regulatory reports?

Relevant modules: Information Register Readiness, DORA Test Programme, Third-Party Risk 2026, MaRisk Impact

Recommended entry: Information Register Readiness

IT Security

Key question: How do we ensure our ICT systems are adequately protected?

Relevant modules: Cyber Risk, ICT Risk Management, DORA Test Programme, Evidence & Maturity

Recommended entry: ICT Risk Management

ICT Risk Management

Key question: How do we effectively identify, assess and manage ICT risks?

Relevant modules: ICT Risk Management, DORA Test Programme, Third-Party Risk, Evidence & Maturity

Recommended entry: ICT Risk Management

Third-Party Risk / Outsourcing Management

Key question: How do we manage the risks from our ICT third-party relationships?

Relevant modules: Third-Party Risk 2026, ICT Third-Party Risk, DORA Test Programme, Evidence & Maturity

Recommended entry: Third-Party Risk

Internal Audit

Key question: How do we evaluate the effectiveness of our ICT resilience measures?

Relevant modules: Evidence & Maturity, DORA Test Programme, Information Register Readiness, MaRisk Impact

Recommended entry: Evidence & Maturity

Reporting / Information Register

Key question: How do we ensure our information register data is correct and complete?

Relevant modules: Information Register Readiness, DORA Test Programme, Third-Party Risk 2026, Evidence & Maturity

Recommended entry: Information Register Readiness

Departments with Critical or Important Functions

Key question: How do we identify our critical or important functions?

Relevant modules: DORA Test Programme, Critical or Important Functions, ICT Risk Management, Evidence & Maturity

Recommended entry: Critical or Important Functions