EPISODE · Feb 2, 2026 · 15 MIN
DORA in 2026: What Changed in 2025 and What Third-Party Risk Teams Must Do Now
from The Third Party Risk Institute Podcast · host Linda Tuck Chapman
DORA is now in force, and the first full year of implementation (2025) revealed what’s working and where firms are still struggling. In this episode, Third Party Risk Institute breaks down the current state of DORA in 2026 with global takeaways for third-party risk, ICT risk management, incident reporting, resilience testing, and oversight of critical technology providers.We cover what organizations across financial services, tech, healthcare, and consulting did in 2025 to meet expectations, what best practices are emerging, and how risk professionals are adapting through stronger governance, better vendor visibility, contract upgrades, and more realistic testing programs.If you work in TPRM / vendor risk, operational resilience, cyber risk, procurement, compliance, or audit, this is a practical, high-level briefing you can apply immediately.Topics include:DORA pillars explained: ICT risk, incident reporting, testing, third-party risk, info sharingWhat “good” looks like in 2026 (and what still breaks under pressure)Critical vendor oversight and subcontractor / fourth-party visibilityCommon implementation gaps and how teams are closing themTools, operating models, and skills risk professionals are leaning onIf you are in DORA or are responsible for DORA, you can now get Certified via Certified DORA Practitioner (CDP) live stream training from Third Party Risk Institute. More details here: https://thirdpartyriskinstitute.com/dora/🎧 Enjoying the podcast? Explore more resources, expert insights, and certification programs at www.thirdpartyriskinstitute.com📱 Follow us on LinkedIn for real-world conversations and industry trends: Third Party Risk Institute Ltd.📬 Have a question or topic you'd like us to cover? Email us at: [email protected]
What this episode covers
DORA is now in force, and the first full year of implementation (2025) revealed what’s working and where firms are still struggling. In this episode, Third Party Risk Institute breaks down the current state of DORA in 2026 with global takeaways for third-party risk, ICT risk management, incident reporting, resilience testing, and oversight of critical technology providers. We cover what organizations across financial services, tech, healthcare, and consulting did in 2025 to meet expectations,...
NOW PLAYING
DORA in 2026: What Changed in 2025 and What Third-Party Risk Teams Must Do Now
No transcript for this episode yet
Similar Episodes
Dec 5, 2025 ·50m
Oct 9, 2025 ·33m
Oct 3, 2025 ·40m
Sep 11, 2025 ·31m
Aug 27, 2025 ·39m
Aug 18, 2025 ·54m