Loading… / 読み込み中…
Loading… / 読み込み中…
A fixed-scope Sprint using sanitized data only to produce a structured evidence pack for DORA pre-audit preparation. US$2,500 fixed; no production access, no PII. Decision-support only, not legal advice.
A fixed-scope evidence pack that organizes resilience signals, gaps, and assumptions for DORA pre-audit preparation.
An indicative mapping for audit preparation — not a claim of completeness, compliance, or certification.
| DORA Article | Topic | Evidence produced |
|---|---|---|
| Art. 11 | Response and recovery | Continuity and recovery evidence summary for in-scope critical services |
| Art. 12 | Backup policies and procedures, restoration and recovery procedures | Backup, restore, and recovery procedure evidence checklist |
| Art. 24 | General requirements for the performance of digital operational resilience testing | Testing evidence matrix for ICT tools, systems, and resilience controls |
| Art. 25 | Testing of ICT tools and systems | Scenario catalogue and test-readiness notes for in-scope services |
| Art. 28 | General principles (ICT third-party risk management) | Third-party ICT dependency map and contract evidence gap log |
| Art. 29 | Preliminary assessment of ICT concentration risk at entity level | ICT concentration-risk evidence log for critical third-party dependencies |
| Art. 30 | Key contractual provisions | Contract evidence checklist for resilience, access, exit, and reporting terms |
20-minute call to confirm in-scope critical services, sanitized inputs, owners, and handover timing.
Review sanitized topology, service dependencies, recovery inputs, and third-party links.
Map evidence to selected DORA articles, identify gaps, assumptions, and audit-prep risks.
Deliver the evidence pack, gap register, and executive readout for internal review.
We work only on sanitized data: no production access, no PII, and no live-system credentials.
No. The Sprint produces decision-support material for DORA pre-audit preparation. It is not legal advice, an audit, or certification, and it does not guarantee regulatory approval.
No. FaultRay works only with sanitized data and does not require production access, PII, live credentials, or direct connections to your systems.
A structured evidence pack: dependency map, article mapping, control and test evidence, recovery/backup checklists, third-party risk notes, gaps, and executive readout.
Delivery is 5 business days after we receive your sanitized inputs. The Sprint is US$2,500 fixed scope, with 50% upfront and 50% on delivery.
Book a 20-minute call to confirm scope, sanitized inputs, and whether the Sprint fits your pre-audit timeline.
Book a 20-min Evidence Sprint scoping call