For those planning training sessions or candidates intending to take an online exam during this period, we will be offering online exam sessions on December 27 and 29, as well as January 5, 2024. You can check the link to online exam events here.

DORA Lead Manager

The PECB Certified DORA Lead Manager training course equips you with the necessary skills to lead and oversee the implementation of digital operational resilience strategies within financial entities to help them ensure compliance with European Union’s Digital Operational Resilience Act (DORA). 

Why should you attend?

As DORA will come into force on January 17, 2025, there’s never been a more crucial time to grasp its implications and requirements thoroughly. Attending the PECB Certified DORA Lead Manager training course offers a unique opportunity to engage with industry experts and peers, fostering valuable discussions and insights into best practices for digital operational resilience. Through interactive sessions and practical exercises, you will gain real-world perspectives on implementing effective strategies to mitigate ICT risks and enhance digital operational resilience in financial institutions. 

Additionally, attending this course demonstrates your commitment to professional development and positions you as a competent leader in the evolving landscape of digital operational resilience. Upon successfully completing the training course and exam, you can apply for the “PECB Certified DORA Lead Manager” credential. 

Who should attend?

This training course is intended for:

  • Financial institutions executives and decision-makers
  • Compliance officers and risk managers
  • IT professionals
  • Legal and regulatory affairs personnel
  • Consultants and advisors specializing in financial regulation and cybersecurity

Learning objectives

After completing this training course, you will be able to:

  1. Understand the regulatory landscape and compliance requirements outlined in DORA, focusing on key pillars such as ICT risk management, ICT-related incident management and reporting, digital operational resilience testing, and ICT third-party risk management
  2. Implement effective strategies and measures to enhance digital operational resilience and mitigate ICT risks within financial institutions, aligning with DORA requirements and industry best practices
  3. Identify, analyze, evaluate, and treat ICT risks relevant to the financial entities 
  4. Develop and maintain robust ICT risk management frameworks, incident response plans, business continuity and disaster recovery plans
  5. Foster collaboration and communication with key stakeholders to ensure successful implementation and ongoing compliance with DORA
  6. Utilize industry-standard tools and methodologies for monitoring, assessing, and managing ICT risks and vulnerabilities, enhancing the overall security posture of financial institutions

Educational approach

  • The training course incorporates interactive elements, such as essay-type exercises and multiple-choice quizzes, some of which are scenario-based. 
  • Participants are strongly encouraged to communicate and engage in discussions.
  • The quizzes are designed in a manner that closely resembles the format of the certification exam.


The main requirement for participating in this training course is having a fundamental understanding of information security and cybersecurity concepts, and familiarity with ICT risk management principles. 

More Details

  • Day 1: Introduction to the concepts and requirements of DORA

    Day 2: ICT-related risk and incident management

    Day 3: ICT third-party risk management and information sharing

    Day 4: Review and continual improvement

    Day 5: Certification exam

  • The “PECB Certified DORA Lead Manager” exam meets the PECB Examination and Certification Program (ECP) requirements, and it covers the following competency domains:

    Domain 1: Fundamental concepts of ICT risk management and digital operational resilience  

    Domain 2: Preparing and planning for DORA project implementation 

    Domain 3: ICT risk and ICT-related incident management 

    Domain 4: Digital operational resilience testing and ICT third-party risk management 

    Domain 5: Review and continual improvement

    For specific information about exam types, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

  • After successfully passing the exam, you can apply for one of the credentials shown below. You will receive the certificate once you comply with all the requirements related to the selected credential.

    The requirements for certifications are as follows:

    Credential Exam Professional experience Risk Management experience Other requirements
    PECB Certified DORA Provisional Manager PECB Certified DORA Lead Manager exam or equivalent None None Signing the PECB Code of Ethics
    PECB Certified DORA Manager PECB Certified DORA Lead Manager exam or equivalent Two years: One year of work experience in ICT risk management Project activities: a total of 200 hours Signing of the PECB Code of Ethics
    PECB Certified DORA Lead Manager PECB Certified DORA Lead Manager exam or equivalent Five years: Two years of work experience in ICT risk management Project activities: a total of 300 hours Signing of the PECB Code of Ethics
    PECB Certified DORA Senior Lead Manager PECB Certified DORA Lead Manager exam or equivalent Ten years: Seven years of work experience in ICT risk management Project activities: a total of 1,000 hours Signing of the PECB Code of Ethics

    The ICT risk management activities should follow best practices and include the following:

    • Drafting a DORA implementation business case
    • Managing a DORA implementation project
    • Implementing an ICT risk management framework
    • Managing documented information
    • Implementing corrective actions
    • Monitoring and improving the performance of the ICT risk management framework
    • Certification and examination fees are included in the price of the training course
    • Participants will receive the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes. 
    • An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
    • If candidates fail the exam, they can retake it within 12 months following the initial attempt for free.