Compliance / Digital Operational Resilience Act
DORA
EU Regulation 2022/2554 for financial entities: ICT risk management, incident reporting, operational resilience testing, and third-party risk — including AI-powered ICT services.
Evidence Kaldros produces
Each item is generated from the chain for the selected window and included in the framework-specific evidence pack. Items below are illustrative — the full control map is in the documentation.
- ▸ ICT risk register tied to agent actions
- ▸ Major incident reports (Art. 19) with timelines
- ▸ Third-party register (Art. 28) for model and tool providers
- ▸ Resilience test artefacts (Art. 24–27)