Senior Management Module

Senior Management Module

Fully DORA-compliant executive training under Article 13(6) DORA and Article 5(2)(g) DORA – available as Open Seminar, In-House Training, Webinar and SCORM-compatible E-Learning.

Overview: Senior Management Module

The Senior Management Module delivers the mandatory digital operational resilience training for board members, directors, C-level executives and heads of internal control functions as required by Article 13(6) DORA, aligned with the governance responsibilities defined in Article 5(2)(g) DORA.

This executive programme focuses on governance, oversight, accountability, impact tolerance, ICT third-party management and supervisory expectations. It enables senior management to fulfil its regulatory duties, set the risk tolerance, oversee ICT processes and ensure the effectiveness of the entity’s digital operational resilience framework.

This module is delivered in four fully audit-ready formats:

  • Seminar
  • In-House Training
  • Webinar
  • E-Learning (SCORM)

Why Do Senior Executives Need DORA Training?

Under DORA, the management body bears ultimate responsibility for digital operational resilience. This includes:

  • setting the ICT risk tolerance and impact tolerances
  • approving the ICT risk management framework
  • overseeing incident classification and reporting
  • supervising ICT third-party service providers and concentration risks
  • ensuring adequate resources for ICT security, resilience and recovery
  • monitoring operational disruptions and approving major decisions
  • ensuring that all staff receive appropriate DORA training
  • maintaining accountability and traceability for all resilience decisions

This module ensures that senior management fully understands these responsibilities and can demonstrate compliance to regulators and internal audit.

Training Content: Senior Management Module

Governance Responsibilities Under DORA (Article 5)

  • Role and duties of the management body
  • Setting risk tolerance, impact tolerances and criticality assessments
  • Oversight of ICT risks, ICT incidents and resilience capabilities
  • Governance expectations from supervisors and auditors

Strategic Oversight of ICT Risk Management

  • Approving and supervising the ICT risk management framework
  • Alignment with business strategy, risk appetite and internal controls
  • Ensuring adequate resources, staffing and budget for ICT resilience
  • Monitoring controls, reporting channels and KPIs

Incident Oversight, Reporting and Decision-Making

  • Management responsibilities during major ICT incidents
  • Approving incident classification and escalation procedures
  • Regulatory reporting obligations and accountability
  • Reviewing post-incident analyses and remediation plans

ICT Third-Party Risk & Concentration Risk Oversight

  • Supervising outsourcing arrangements and critical or important functions
  • Understanding dependencies, exit strategies and substitutability
  • Oversight of SLA performance, resilience metrics and assurance reports
  • Management body responsibilities under Articles 28–30

Business Continuity, Recovery & Resilience Testing

  • Approving ICT-BCP frameworks and testing strategies
  • Interpreting resilience test outcomes
  • Ensuring independent review, continual improvement and readiness
  • Supervisory expectations on executive involvement

Accountability, Documentation & Evidence

  • What senior management must document and sign off
  • Demonstrable audit trail for decisions and oversight
  • Interaction with internal audit, compliance and risk management functions

Training Formats

Seminar

Ideal for individual executives, board members and designated officers.

  • One-day intensive executive programme
  • Delivered in premium seminar hotels
  • Certificate and full audit documentation included
  • Suitable for cross-industry knowledge exchange

In-House Training

Designed for boards, directors and senior leadership teams.

  • Fully tailored to your ICT landscape, governance structure and risk profile
  • Delivered on-site or in hybrid format
  • Includes complete audit-ready documentation package
  • Option to include Q&A with DORA specialists on your organisation’s setup

Webinar

Fast, flexible and ideal for international or distributed leadership teams.

  • Real-time Q&A, interactive polls and scenario discussions
  • Aligned with supervisory expectations
  • Optional knowledge assessment and certificate

E-Learning

Perfect for annual executive training cycles or onboarding of new leaders.

  • Self-paced, highly structured e-learning format
  • Integrated assessments and automated tracking
  • Certificate and LMS-based audit trail
  • Ensures consistent training for all senior managers

Who Should Attend?

This module is designed for:

  • Board Members (executive and non-executive)
  • Managing Directors and C-Suite
  • Heads of ICT, Risk, Security, BCM and Operations
  • Chief Compliance Officers and Data Protection Officers
  • Senior leadership in banks, insurers, payment institutions, EMIs, investment firms and FinTechs
  • Senior managers responsible for ICT third-party oversight

Audit-Ready Documentation Included

Every training format includes:

  • Attendance and participation logs
  • Assessment results (optional)
  • Version-controlled training materials
  • Documentation of non-completion and remediation
  • Annual executive training plan and evidence package

All materials are updated to reflect the latest regulatory interpretations and supervisory expectations under DORA.

Why Choose Leitner & Associates?

  • Fully DORA-aligned training (Articles 5–13 and 23–26)
  • Designed for senior executives and board members
  • Strong focus on governance, accountability and oversight
  • Delivered by recognised DORA specialists
  • SCORM e-learning available for scalable executive deployment
  • Comprehensive audit-ready documentation

Request an Offer

Request your customised offer for the Senior Management Module as an Open Seminar, In-House Training, Webinar or SCORM-compatible E-Learning at:
offer@digital-operational-resilience.net