DORA Communications and Publications

DORA Registers of Information - Preparation and Submission

5 February 2026

The Central Bank held an Industry briefing session on Wednesday 4 February regarding the 2026 ROI collection. Thank you to the over 800 attendees who joined us for this session. 

As we mentioned during the session, this was a recorded briefing. Please view recording of the Industry briefing and slides used for the briefing (PPTX 18.44MB).

29 January 2026

Central Bank of Ireland will open the Central bank portal for Register of Information (RoI) submissions from the beginning to the end of March 2026.

In preparation for this, an industry wide briefing, aimed at the personnel responsible for the Register of Information upload and approval, will be held from 09:30am – 11:00am on Wednesday 4 February 2026. The purpose of the briefing is to share the Central Bank’s expectations of FEs submitting these registers, including a run through of the most common mistakes we observed last year and the improvements we have made based on feedback received on last year’s submission. This will be a fully online briefing. If you are responsible for submitting the RoI and have not received an invite, your supervisory contact will be able to provide you with an invitation.

We have also updated the Register of Information website, and consolidated the guidance for submitting Registers (PDF 4.96MB).

Major ICT-related Major Incident and Significant Cyber Threat Reporting

10 December 2024

Central Bank of Ireland created a web page which contains information regarding DORA Major ICT-related Incident and Significant Cyber Threat submissions as well as a link to the latest template. For further details see the system "How to guide" (PDF 2.45MB).

Update on Threat-Led Penetration Testing (TLPT)

30 January 2026

In respect of advanced Threat-Led Penetration Testing (TLPT), the Central Bank engages directly with firms in scope of TLPT. An identification exercise is carried out annually and any additional firms identified will be engaged with on a timely basis.

For TLPT specific queries, please contact [email protected].

Expectation of Firms' Compliance with DORA

The majority of the DORA technical standards (RTSs and ITSs) have been in place since 17 January 2025. The RTS on Subcontracting was also finalised, in July 2025.  Therefore, all firms should, by now, have a good understanding of the requirements set out in DORA and the supporting RTSs/ITSs. Steps taken to address any gaps in firms’ existing frameworks, policies and processes should be substantially complete at this stage.