CHAPTER II – ICT risk management Section I Article 5 DORA – Governance and organisation Section II Article 6 DORA – ICT risk management framework Article 7 DORA – ICT systems, protocols and tools Article 8 DORA – Identification Article 9 DORA – Protection and prevention Article 10 DORA – Detection Article 11 DORA – Response and recovery Article 12 DORA – Backup policies and procedures, restoration and recovery procedures and methods Article 13 DORA – Learning and evolving Article 14 DORA – Communication Article 15 DORA – Further harmonisation of ICT risk management tools, methods, processes and policies Article 16 DORA – Simplified ICT risk management framework 2025-12-03