ED-EL-03 ICT Risk & Digital Resilience for Executives: Meeting Your DORA and NIS2 Obligations – e-Learning
Duration: 5 hours of e-Learning content (unlimited access for 6 months)
Training format: Asynchronous (e-Learning)
CPE credits: 5
This e-Learning course gives executive leaders a clear, practical understanding of their personal and organizational obligations under DORA and NIS2.
This executive course moves beyond legal summaries to focus on what executives are actually accountable for: approving risk frameworks, overseeing `incident response, questioning third-party dependencies, and demonstrating due diligence to regulators. Interactive questionnaires, self-assessments, and case-based examples translate dense regulatory text into board-relevant decisions.
Each module closes with a short knowledge check, and the course produces a set of downloadable checklists, templates, and an action plan that executives can put to use after completing the course.
The course remains accessible online for six months, allowing executives to revisit key modules at their own pace ahead of board meetings, audits, or regulatory deadlines, and includes a certificate of completion that fulfils the training obligations under NIS2 and DORA.
€895 excl. VAT per person ED-EL-03.1
€3,580 excl. VAT / 5 participants ED-EL-03.2
€5,370 excl. VAT / 10 participants ED-EL-03.3
5 hours of e-Learning content (unlimited access for 6 months)
Asynchronous (e-Learning)
5
By the end of the course, participants will be able to:
- Determine whether DORA, NIS2, or neither apply to their organization
- Understand the vocabulary and tools of ICT risk management and governance
- Methods to read a cyber risk report presented by a CISO or risk team and engage with them for better decision making
- Apply a structured governance self-assessment to their organization's current posture and build an action plan
Who Should Attend
Executive leaders, board members, and senior management
Prerequisites
None. No prior technical knowledge required.
Why This Matters to You Personally
- Personal liability of management body members under DORA (Art. 5) and NIS2 (Art. 20 and Art. 32/33)
- Real-world regulatory cases where executive governance failures were identified and sanctioned
- Why "my CISO handles that" is no longer a sufficient governance posture, and what "sufficient knowledge" means in practice
- The questions regulators ask executives after a major incident
Understanding Your Regulatory Obligations: DORA and NIS2 Decoded
- A structured decision framework to determine whether DORA, NIS2, both, or neither apply to your organization
- What each regulation individually requires of the management body
- Comparing DORA and NIS2 side by side: where they overlap, and which framework sets the higher bar on each dimension
- What regulators look for during an audit, and the evidence gaps that can trigger enforcement action against the management body
The ICT Risk Landscape: What Executives Need to Understand
- The core vocabulary of ICT risk: threats, vulnerabilities, and financial exposure
- Beyond the heat map: how to read, challenge, and act on ICT risk reporting
- The tools executives need to govern ICT risk with confidence
Digital Operational Resilience: Beyond Business Continuity
- What "digital operational resilience" now means under DORA and NIS2
- Cybersecurity and risk oversight obligations and resilience measures to implement as a senior executive
- Resilience testing, third-party dependencies, and recovery obligations
Reading and Challenging Risk Reports: The Executive Toolkit
- Moving from qualitative heat maps to financially meaningful risk reporting
- How to read a quantified risk report: probability, loss magnitude, exposure
- The right questions to ask a CISO or risk team presenting results
Building Your Governance Posture: From Obligation to Action
- Self-assessing your organization's governance readiness
- Turning gaps into a prioritized action plan
- Preparing evidence of compliance for regulators and auditors
Instructional design developed by the C-Risk Education team, experts in FAIR-based risk quantification.
- Self-assessments integrated throughout the eLearning modules
- Multiple-choice quizzes at the end of each chapter to validate understanding of key concepts
- Interactive modules accessible online 24/7 for 6 months
- Bibliographic references and links to relevant standards
Advance Your Career with Cyber Risk Management Training
E-learning platform and instructor-led courses in quantification, cyber risk frameworks, and data-driven decision-making. C-Risk Education equips you with the skills to analyze and manage cyber risk effectively. Our training covers multiple methodologies and frameworks: cyber risk quantification, EBIOS RM, third-party risk management, and advanced threat and control assessment techniques. Learn practical, immediately applicable skills across the full spectrum of modern cyber risk management.

Learn data-driven cyber risk management with FAIR standard. 3-hour instructor-led course on quantifying cyber risk in financial terms. No prerequisites.

Learn FAIR™ cyber risk quantification at your own pace. 3-hour e-learning covering risk management fundamentals and financial risk analysis.

Master FAIR™ methodology in 12 hours. Learn quantitative cyber risk analysis, overcome qualitative limits, and make data-driven security decisions.

Master FAIR™ cyber risk quantification with 12 hours of e-learning. Model risk scenarios, estimate loss factors, prepare for Open FAIR™ 2 certification.

Executive training in cyber risk quantification using FAIR™. Learn data-driven governance for strategic cybersecurity decisions. 3-hour course, 3 CPE credits.

Learn to quantify security control effectiveness using FAIR-CAM™. Model risk reduction, analyze attack chains, and integrate controls into FAIR™ analyses.
.jpg)
Master FAIR-CAM™ to quantify security control effectiveness. 10-hour e-learning for FAIR practitioners. €695 per person. 10 CPE credits included.

Learn to quantify third-party cyber risks using FAIR™. 10-hour e-learning course covering TPRM lifecycle, risk scenarios, and financial quantification.