Skip to main content
Navigating DORA: Effective third-party risk management
Thursday, 6 March 2025 11:00 CET

Past Event

Virtual - Webinar

Event language: English

6 Mar. 2025

Thursday, 11:00 CET | 1 Hr.

Navigating DORA: Effective third-party risk management

Join us for an insightful and comprehensive webinar focused on mastering third-party risk management. This session will delve into the intricacies of maintaining the Register of Information (ROI), conducting thorough due diligence, and effectively analysing and managing contracts.

Our Deloitte subject matter experts will provide practical solutions and actionable tips to help you navigate the complexities of the Digital Operational Resilience Act (DORA). You will gain valuable insights to overcome common challenges and ensure your organisation's compliance with DORA's stringent requirements.

Key highlights

 

  • Maintaining the register of information (ROI): Learn best practices for keeping accurate and up-to-date records.
  • Conducting due diligence: Understand the critical steps for evaluating third-party risks.
  • Contract analysis and management: Discover effective strategies for managing and analysing contracts.
  • Practical solutions and tips: Gain actionable insights from Deloitte experts to address common challenges.
  • Ensuring compliance with DORA: Learn how to align your organisation with DORA's regulatory requirements.

 

Why attend

 

  • Enhance digital resilience: Strengthen your organisation's ability to withstand and recover from digital disruptions.
  • Regulatory adherence: Ensure your organisation meets the compliance standards set by DORA.
  • Expert insights: Benefit from the knowledge and experience of Deloitte's subject matter experts.
  • Practical takeaways: Leave with actionable strategies and tips that you can implement immediately.

 

Who should attend

 

This webinar is essential for compliance officers, risk officers, and IT and information security officers dedicated to enhancing their organisation's digital resilience and regulatory adherence.

 

Don't miss this opportunity to elevate your understanding and capabilities in navigating DORA and managing third-party risks effectively.

Georges Gehchan

Senior Manager - Cyber Strategy & Transformation - Deloitte Belgium

Georges is an Information Technology expert with over 21 years of consulting and industry experience in the financial services sector. He has extensive knowledge in all facets of IT management, including IT security and internal controls, cybersecurity management, business continuity planning (BCP) and disaster recovery (DR), governance and strategy, and core banking/ERP systems. Currently, Georges leads the third-party risk management capability for information security, data privacy, and business continuity domains at Deloitte. Before his current role, Georges served as the Chief Information Officer at Banque De L’Habitat in Beirut and held senior management positions at Deloitte in the Middle East and KPMG in New York.

 

Christian Mertel

Senior Manager - Technology & Transformation - Deloitte Germany

Christian Mertel is a Senior Manager at Deloitte Consulting GmbH in Frankfurt, Germany, with over 14 years of consulting experience. He specialises in IT Sourcing & Outsourcing and Multi-Vendor Management, advising clients throughout the sourcing lifecycle. Christian is responsible for developing vendor management frameworks and regularly publishes on the topic. He holds a diploma in business administration from Frankfurt University. Christian's expertise includes conducting DORA gap analyses and ensuring regulatory compliance for financial institutions. Join us at the webinar to benefit from his deep industry knowledge and practical insights.

 

Vanessa Magtang

Manager - Strategy, Risk & Transactions Advisory - Deloitte Malta

Vanessa is a Manager in Deloitte Malta’s Strategy, Risk & Transactions business, specialising in IT and specialised assurance. She has extensive experience in IT audits, systems validation, security risk assessments, compliance reviews, assurance reviews, and service provider due diligence across various industries, including financial services, manufacturing, telecommunications, life sciences, real estate, and gaming. Vanessa has also been instrumental in implementing and advising on the Digital Operational Resilience Act (DORA) for financial entities, ensuring robust operational resilience and regulatory compliance. She holds certifications as a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and ISO 27001 Lead Auditor (LA).

Thursday, 6 March 2025

11:00

Welcome and introduction

Part 1: Due diligence and ongoing monitoring of ICT third-party service providers

11.05

Key challenges in conducting due diligence and ongoing monitoring of ICT third-party service providers

11.10

Effective strategies for due diligence and ongoing monitoring of ICT third-party service providers

Part 2: Analysing and managing contracts

  

11.25

Common challenges in contract analysis and management

11.30

Leveraging AI for optimised contract analysis and management

Part 3: Maintaining the register of information (ROI)

 
11.40

Overcoming challenges in ROI implementation: Key lessons learned

11.45

Practical solutions and tips for effective ROI establishment and maintenance
--------------------------------------------------------------------------------------
11.55

Q&A
12.00

End of webinar

Get in touch

Cheryl Grech

Deloitte - Malta
In 2020, Cheryl joined Deloitte’s Risk Advisory Business in Malta within the Regulatory and Legal Support team, where she has led number of engagements supporting clients operating in the financial services sector in areas including regulatory compliance and change management. Prior to joing Deloitte, Cheryl has 13 years experience working for a Domestic Systemically Important Bank (D-SIB or G-SIB as a Group). Her banking experience started in front-line roles, focusing on customer relationship management and business development, moving on to managerial roles specialising in risk management areas. Cheryl has led the implementation of a number of regulatory projects on a bank-wide level, working closely with the regulator as well as managing cross-functionally. She has held the position of Secretary for a Tier 1 Risk Management meeting where she gained substantial knowledge on the overall risks in the banking sector as well as identifying appropriate measures and controls. Through her experience in risk strategy, Cheryl has also acquired skills in governance management including the adoption and periodic review of the enterprise risk management framework, and other active roles in governance committees.
View Profile

Webinar Series

Empowering tomorrow, today

 

Take the lead with Deloitte’s Webinar Series, designed to give you valuable insights on important developments affecting your business.

Register for a webinar today!