DORA managed service • supplier outreach • decision-ready reporting

Outsource DORA supplier assessments with decision-ready output

We run the supplier assessment process on your behalf — including supplier outreach, evidence collection, and a clear DORA-focused output for internal decision-making.

  • Focused on DORA-relevant supplier controls and third-party risk expectations
  • We interact with suppliers on your behalf and manage the information-gathering process
  • Clear scope and boundaries to keep delivery predictable

Why companies use this DORA service

A managed DORA service for companies that need ICT third-party risk assessment, structured supplier oversight, and evidence they can rely on.

Step 1

Start managed DORA assessment

Submit the supplier and DORA scope so we can run the managed assessment process on your behalf.

Step 2

We engage suppliers for you

We request information, collect responses and documents, and manage the supplier interaction on your behalf.

Step 3

Receive a defensible output

You receive a clear DORA-focused report with findings and score-based output that supports decisions and compliance evidence.

DORA service options

Choose the DORA service level that matches supplier criticality, required review depth, and the level of confidence your organisation needs.

DORA preset has a fixed scope (no extra modules). Custom assessments are priced per module.

Essential

Automated OSINT Screening

Best for: preliminary public-source screening before a managed or deeper assessment

Price: Free

(registered corporate accounts only)

  • Automated company background check (public sources only)
  • Public security & privacy signals
  • High‑level risk indicators
Discuss DORA OSINT screening

Optional pre-check before managed assessment →

Advanced (L2)

Managed DORA Assessment

Best for: fintech startups and other SMB firms that need outsourced DORA supplier assessment without building the capability in-house

Price: €2,500 (excl. VAT)

Target delivery: 5–7 business days (after required inputs are received)

  • Managed DORA assessment delivered through the platform
  • DORA-focused supplier questionnaire, document collection, and evidence review
  • Expert review of answers & evidence (manual validation)
  • 1 clarification round (follow-ups)
  • Written findings (HTML/DOCX) + board-ready summary
Discuss DORA assessment scopeThe next step depends on your status: new users register, signed-out users sign in, unpaid assessments continue to review and payment, and already paid assessments continue directly.
In-Depth (L3)

Enhanced DORA Assessment

Best for: critical ICT and third-party providers where deeper evidence review and stronger decision support are required

Price: €4,000 (excl. VAT)

Target delivery: 10–15 business days (after required inputs are received)

  • Everything in Advanced (L2), plus audit-style evidence review and control-level findings
  • Supplier interview (60–90 minutes) + evidence walkthrough (what exists, what is missing)
  • Up to 2 clarification rounds (follow-ups) + tracked evidence gaps within defined scope
  • Traceable DORA risk narrative for defensible decisions (not certification / not assurance)
  • Written findings (HTML/DOCX) + decision-ready summary pack
  • Internal governance reuse focus (clear evidence trail within defined scope)
Request enhanced DORA consultationThe next step depends on your status: new users register, signed-out users sign in, unpaid assessments continue to review and payment, and already paid assessments continue directly.

VAT is applied based on customer location and VAT status. EU business customers with a valid VAT ID are typically charged 0% VAT under reverse charge.

What you receive from the managed DORA service

Not just documentation — but a clear DORA-focused output you can use for internal decisions and compliance discussions.

  • DORA-focused risk narrative (what the supplier risk is, why it matters, and what to do next)
  • Evidence-backed findings (review of supplier responses & supporting materials within defined scope)
  • Clear boundaries: one supplier, one DORA use case; supports decision documentation (not certification)

Supports internal DORA ICT third-party risk management decisions and documentation. The sample report demonstrates DORA-specific mapping (Articles/RTS), supplier criticality context, and traceable evidence-based rationale. It does not constitute a compliance verdict, certification, legal advice, or regulatory assurance.

Discuss DORA assessment scope Request DORA sample report

When enhanced DORA assessment is needed

An audit-like, evidence-driven DORA assessment for critical ICT and third-party providers — when stronger internal decision support matters.

  • Audit-like depth (structured, evidence-driven assessment aligned to DORA expectations; suitable for internal governance, escalation, and documented follow-up)
  • Deep evidence review (manual review of supplier-provided documentation and artefacts; relevance, sufficiency, and applicability under DORA scope)
  • Control-level findings (clear conclusions at requirement/control level with explicit rationale — not just high-level scoring)
  • Traceable risk narrative (why the risk matters under DORA; what it means for ICT concentration, resilience, and operational continuity)
  • Defensible decision output (written for senior management escalation and documented internal review; reusable in risk committees and governance follow-up)
  • Clear boundaries: one supplier, one DORA use case (preset). Not certification, not assurance — maximum defensibility within defined scope.

In-depth (L3) is designed for critical suppliers and higher regulatory scrutiny scenarios. Written in a form suitable for documented internal review and governance reuse. It does not constitute legal advice, certification, or regulatory assurance.

Compare plans Request enhanced DORA consultation

Talk to us about your DORA scope

Tell us about your supplier, DORA scope, and criticality. We’ll recommend the right service level and expected timeline.

Email

Email us

We typically reply within 1 business day.

Already know what you need?

You can start an assessment flow now — we’ll follow up if scope needs clarification.

Discuss DORA assessment scope Request enhanced DORA consultation