DORA Lead Manager
Master the Digital Operational Resilience Act (DORA), already mandatory for the European financial sector. Learn to manage ICT risk, incidents, resilience testing and third-party risk, alongside a consultant who has led DORA implementation in banking and payments.
Who is this course for?
- Financial sector professionals (banking, payments, insurance, fintech) who must comply with DORA
- Managers of ICT risk, operational resilience and continuity
- Consultants and auditors who want to specialise in the most prominent regulation in finance
- CISOs, BISOs and compliance managers of financial entities
What you'll gain
- The internationally recognised PECB Certified DORA Lead Manager credential
- The ability to manage the ICT risk framework required by DORA
- Command of incident management, resilience testing and third-party risk (TPRM)
- The most in-demand specialisation in today's European financial sector
Course programme
Day 1 · Introduction to DORA and the ICT risk management framework
- Context, objectives and scope of the DORA regulation
- The ICT risk management framework
- Governance and responsibilities of the management body
Day 2 · Incident management, classification and reporting
- ICT-related incident management process
- Incident classification and materiality thresholds
- Reporting to the competent authorities
Day 3 · Digital operational resilience testing
- Resilience testing programme
- Threat-led penetration testing (TLPT)
- Findings management and remediation plans
Day 4 · ICT third-party risk and contractual arrangements
- ICT service provider risk management
- Key contractual requirements and register of information
- Concentration risk and critical providers
Day 5 · Certification exam
- Review and mock exam
- Official "PECB Certified DORA Lead Manager" exam (3 hours)
Exam, credits & certification
After passing the exam, you can claim the "PECB Certified DORA Lead Manager" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing first time is no longer a pressure. CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.
Your trainer

Ricardo Coronel Lemus
Over 20 years in cybersecurity and compliance, today working as a vCISO and GRC consultant with real clients in France, Spain and Mexico. I have led DORA implementation in banking and payments companies, driving the compliance process in real conditions. I don't teach DORA theoretically: I have applied it in the field. That's what I bring to my training and coaching.
Frequently asked questions
Do I need any prerequisites?
In which language is the exam held?
What is the difference between Self-Study and Self-Study + Coaching?
What if I don't pass the exam?
Who exactly does DORA apply to?
Ready to get certified in DORA?
Choose your option above and enrol online. A question or need advice? Write to me or book a call.