DORA and NIS 2
The entry into force of the Digital Operational Resilience Act (“DORA Regulation”) and of Directive (EU) 2022/2555 (“NIS2 Directive”) represents a major step towards the creation of a harmonised regulatory framework to face cybersecurity-related challenges in the financial industry and beyond.
DORA: Operational resilience in the financial industry
DORA requires financial entities to guarantee suitable safeguarding mechanisms in case of cyberattacks and to strengthen requirements for the prevention of ICT risks in the financial and insurance sectors, including critical third parties providing ICT services.
This regulation stresses the need to guarantee digital operational resilience against cybersecurity threats throughout the lifecycle of business activities.
The DORA regulation entered into force on 17 January 2023. The impacted entities have two years to prepare and implement it, therefore up to 17 January 2025.
The new Regulation will enhance the digital operational resilience of European entities in the financial industry, and will be based on five key pillars:
NIS2 Directive: Cybersecurity rules in Europe
The NIS2 Directive is aimed at improving the response of EU Member States to cyberattacks, strengthening the cooperation and exchange of information. Its scope of application is thus broader and includes a wide range of industries, not just those businesses operating in sectors of “high criticality”, such as energy, transport, finance, healthcare, but also those in other critical sectors such as digital providers, postal services, waste management and other essential services. The Directive introduces crucial measures for the management of cybersecurity-related risks and reporting obligations of significant incidents.
The NIS2 Directive entered into force on 17 January. EU Member States will have to issue the relevant national implementing regulation by 17 October 2024.
Art. 21 of NIS2 Directive contains the following recommendations with reference to the measures to manage cybersecurity risks:
Faced with these new regulations, it is essential that organisations adopt a proactive approach to guarantee operational compliance and resilience. Here are some key actions:
- Know your organisation: Understanding all processes, services and critical assets is the first step towards effective management of cybersecurity.
- Perform a gap analysis: Carry out an evaluation of the DORA and NIS2 gaps to identify areas for improvement and risks.
- Compare gaps with the main recommendations: Compare the gaps identified with the main recommendations and best practices, focusing on the most critical areas.
- Have a strategic investment plan: Focus on investments that add real value in meeting the requirements laid down in the Regulation and Directive, thus guaranteeing comprehensive management of cyber risks.
Conclusions
Getting ready for DORA and NIS2 is not just a regulatory requirement, but also an opportunity to improve operational resilience and protect businesses in an increasingly complex and interconnected digital world.