Digital Operational Resilience Act

Welcome to, this is a web version of the original legal text of the Digital Operational Resilience Act (DORA) regulation from EUR-Lex.

The regulation will apply from 17 January 2025 for relevant financial entities and ICT third-party service providers.

Of course, this text is provided as-is and should not be relied upon as an authoritative source. Instead consult the Official Journal of the European Union.

We will continue to improve these web pages to increase legibility and make navigation more efficient. Follow us on LinkedIn to get notified when we release new features and don't hesitate to let us know if you have questions or suggestions, reach out to

Table of Contents


1 – 106


Chapter V

Managing of ICT third-party risk