Managing ICT governance and risk
Insurance businesses operate in a highly regulated environment. They must continuously adapt to new regulatory requirements such as the Digital Operational Resilience Act (DORA), which is expected to become effective in the second half of 2022.
This new EU regulation is within the context of existing Information and Communication Technology (ICT) guidelines from the European Insurance and Occupational Pensions Authority (EIOPA) and respective local regulations. It aims to harmonize existing rules on managing ICT governance, ICT risks and incident reporting—enhancing resilience against cyber-attacks for financial institutions.
UNIQA, a leading insurance group operating in 18 countries and serving approximately 15.5 million customers, wanted to align its existing processes and controls to the new DORA requirements. It sought Accenture’s help to create a roadmap so it could comply with the new regulations within 12 months of anticipated enforcement.