Buying & Building Cyber Services icon
Back
Accreditation Pathway & Membership icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier
Home  »  Blog   »   Streamlining DORA Article 27 compliance with CREST CBEST-accredited providers

Streamlining DORA Article 27 compliance with CREST CBEST-accredited providers

28 August 2024. 
By Jonathan Armstrong, Head of Accreditation at CREST International.

As the enforcement of DORA draws closer, identifying high-quality TLTP providers who can meet and demonstrate compliance with the requirements of Article 27 will become a priority for many financial institutions navigating the complexities of this long-anticipated regulation.

The role of external testing and the value of CREST accreditation

While DORA permits institutions to use internal testers, supplemented by external threat intelligence, many may struggle to maintain the human resources necessary to perform these activities to the required standards. In addition, frameworks like CBEST and TIBER-EU highlight the importance of external testing, which introduces fresh, independent perspectives. This approach not only ensures the objectivity of the assessment but also enhances the value of the findings and results.  

Choosing the right TLTP provider: the CREST advantage

As a trusted accreditor and partner for CBEST, CREST is responsible for the initial and ongoing assessment of service providers and certified individuals. These assessments ensure that providers possess the real-world experience, organisational methodologies, and technical skills needed to comply with the requirements set by Article 27.  

Accreditation offers more than just proof of competence; it binds the provider to an enforceable Code of Conduct and Ethics, reinforcing a commitment to quality and professional behaviour.

Choosing a CREST-accredited provider is not merely about ticking a compliance box; it’s about partnering with an organisation that has been rigorously assessed and is dedicated to upholding the high standards expected, particularly in regulated environments.  

Additionally, as CREST CBEST providers are members of CREST specialist global focus groups, they are continuously improving their own quality, the quality of the industry, and the individuals within it. This commitment to ongoing improvement ensures that these providers remain at the forefront of industry best practices.  

By leveraging CREST CBEST-accredited providers, institutions can significantly reduce procurement uncertainty when seeking external TLTP resources. By selecting CREST CBEST-accredited providers, institutions can ensure they are working with partners that are not only compliant with DORA but that are also committed to delivering the highest quality of service. This choice not only mitigates risk but also enhances the institution’s overall operational resilience in line with DORA’s objectives.

Find a supplier

You can find CREST CBEST-accredited providers using our bespoke search engine: Members – CREST (crest-approved.org)