With the Digital Operational Resilience Act (DORA) in effect since the 17th of January 2025, the number one question before proceeding with complying is whether your company has to. This article explores the exemptions under DORA—whether certain entities are entirely excluded from compliance or subject to simplified ICT risk management requirements, which will allow them to become compliant with the act in a more lenient manner.
The full article can be viewed on Cyprus Mail, Lexology and Mondaq.
For more information, please reach out to Emilios Charalambous.
