DORA
Contact Us

Log in

Products
Products by framework:

ISO 27001

NIS 2

EU GDPR

ISO 9001

ISO 14001

ISO 45001

ISO 13485

EU MDR

ISO 20000

ISO 22301

ISO 17025

IATF 16949

AS9100

ISO 27001

Implementation, maintenance, training, and knowledge products for Information Security Management Systems (ISMS) according to the ISO 27001 standard.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001 Documentation Toolkits

All required policies, procedures, and forms to implement an ISMS according to ISO 27001.

Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful ISMS.

ISO 27001 Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

NIS 2

Compliance and training products for critical infrastructure organizations for the European Union’s Network and Information Systems cybersecurity directive.

NIS 2 Documentation Toolkit

All required policies, procedures, and forms to comply with the NIS 2 cybersecurity directive.

NIS 2 Cybersecurity Training & Awareness

Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.

EU GDPR

Compliance and training products for personal data protection according to the European Union’s General Data Protection Regulation.

EU GDPR Documentation Toolkits

All required policies, procedures, and forms to comply with the EU GDPR privacy regulation.

EU GDPR Online Courses

Accredited courses for individuals and privacy professionals who want the highest-quality training and certification.

ISO 9001

Implementation, training, and knowledge products for Quality Management Systems (QMS) according to the ISO 9001 standard.

ISO 9001 Documentation Toolkits

All required policies, procedures, and forms to implement a QMS according to ISO 9001.

ISO 9001 Online Courses

Accredited courses for individuals and quality professionals who want the highest-quality training and certification.

Experta ISO 9001 Knowledge Base

Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.

ISO 14001

Implementation, training, and knowledge products for Environmental Management Systems (EMS) according to the ISO 14001 standard.

ISO 14001 Documentation Toolkits

All required policies, procedures, and forms to implement an EMS according to ISO 14001.

ISO 14001 Online Courses

Accredited courses for individuals and environmental professionals who want the highest-quality training and certification.

Experta ISO 14001 Knowledge Base

Get instant answers to any questions related to ISO 14001 and the EMS using Advisera’s proprietary AI-powered knowledge base.

ISO 45001

Implementation and training products for Occupational Health & Safety Management Systems (OHSMS) according to the ISO 45001 standard.

ISO 45001 Documentation Toolkits

All required policies, procedures, and forms to implement an OHSMS according to ISO 45001.

ISO 45001 Online Courses

Accredited courses for individuals and health & safety professionals who want the highest-quality training and certification.

ISO 13485

Implementation and training products for medical device Quality Management Systems (QMS) according to the ISO 13485 standard.

ISO 13485 Documentation Toolkits

All required policies, procedures, and forms to implement a medical device QMS according to ISO 13485.

ISO 13485 Online Courses

Accredited courses for individuals and medical device professionals who want the highest-quality training and certification.

EU MDR

Compliance products for the European Union’s Medical Device Regulation.

EU MDR Documentation Toolkits

All required policies, procedures, and forms to comply with the EU MDR.

ISO 20000

Implementation products for Information Technology Service Management Systems (ITSMS) according to the ISO 20000 standard.

ISO 20000 Documentation Toolkits

All required policies, procedures, and forms to implement an ITSMS according to ISO 20000.

ISO 22301

Implementation products for Business Continuity Management Systems (BCMS) according to the ISO 22301 standard.

ISO 22301 Documentation Toolkits

All required policies, procedures, and forms to implement a BCMS according to ISO 22301.

ISO 17025

Implementation products for testing and calibration laboratories according to the ISO 17025 standard.

ISO 17025 Documentation Toolkit

All required policies, procedures, and forms to implement ISO 17025 in a laboratory.

IATF 16949

Implementation products for automotive Quality Management Systems (QMS) according to the IATF 16949 standard.

IATF 16949 Documentation Toolkits

All required policies, procedures, and forms to implement an automotive QMS according to IATF 16949.

AS9100

Implementation products for aerospace Quality Management Systems (QMS) according to the AS9100 standard.

AS9100 Documentation Toolkits

All required policies, procedures, and forms to implement an aerospace QMS according to AS9100.
Free Resources
Resources

By Type

Articles

Webinars

Courses

White Papers

Templates & Tools

View All

Where to Start

ISO 27001

NIS 2

ISO 22301

DORA

ISO 9001

EU GDPR

ISO 13485

EU MDR

ISO 14001

IATF 16949

ISO 45001

AS9100

ISO 20000

Compliance in general

ISO 17025

Other

Live Consultations

Consultant Directory

Community
Industries
Solutions for industries:

Consultants

IT & SaaS companies

Critical infrastructure

Manufacturing

Transportation & distribution

Education

Telecommunications

Banking & finance

Government

Health organizations

Medical device

Aerospace

Automotive

Laboratories

Consultants

Implementation, maintenance, training, and knowledge products for consultancies.

Conformio for Consultants

Handle multiple ISO 27001 projects by automating repetitive tasks during ISMS implementation.

Consultant Toolkits

All required policies, procedures, and forms to implement various standards and regulations for your clients.

NIS 2 and Security Awareness Training

Organize company-wide cybersecurity awareness program for your client’s employees and support a successful cybersecurity program.

Lead Auditor and Lead Implementer Courses

Accredited ISO 27001, 9001, 14001, 45001, and 13485 courses for professionals who want the highest-quality training and recognized certification.

Experta ISO Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Consultant Directory

Find new clients, potential partners, and collaborators and meet a community of like-minded professionals locally and globally.

IT & SaaS companies

Implementation, maintenance, training, and knowledge products for the IT industry.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001, 22301, 20000, GDPR, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Critical infrastructure

Compliance, training, and knowledge products for essential and important organizations.

NIS 2, GDPR, ISO 27001, and ISO 22301 Documentation Toolkits

Documentation to comply with NIS 2 (cybersecurity), GDPR (privacy), ISO 27001 (cybersecurity), and ISO 22301 (business continuity).

NIS 2 Cybersecurity Training & Awareness

Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.

ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Manufacturing

Implementation, training, and knowledge products for manufacturing companies.

ISO 9001, 14001, and 45001 Documentation Toolkits

Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Transportation & distribution

Implementation, training, and knowledge products for transportation & distribution companies.

ISO 9001, 14001, and 45001 Documentation Toolkits

Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Education

Implementation, training, and knowledge products for schools, universities, and other educational organizations.

ISO 27001, 9001, and GDPR Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), and GDPR (privacy).

Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001, 9001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001 and 9001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.

Telecommunications

Implementation, maintenance, training, and knowledge products for telecoms.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001, 22301, 20000, GDPR, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Banking & finance

Implementation, maintenance, training, and knowledge products for banks, insurance companies, and other financial organizations.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001, 22301, GDPR, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), GDPR (privacy), and NIS 2 (cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Government

Implementation, training, and knowledge products for local, regional, and national government entities.

ISO 27001, 9001, GDPR, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), GDPR (privacy), and NIS 2 (cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001, 9001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001 and 9001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.

Health organizations

Implementation, training, and knowledge products for hospitals and other health organizations.

ISO 27001, 9001, 14001, 45001, and GDPR Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), and GDPR (privacy).

ISO 27001, 9001, 14001, 45001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001, 9001, and 14001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Medical device

Implementation, training, and knowledge products for the medical device industry.

MDR, ISO 13485, 27001, 9001, 14001, 45001, and GDPR Documentation Toolkits

Documentation to comply with MDR and ISO 13485 (medical device), ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), and GDPR (privacy).

ISO 13485, 27001, 9001, 14001, 45001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001, 9001, and 14001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Aerospace

Implementation, training, and knowledge products for the aerospace industry.

AS9100, ISO 9001, 14001, and 45001 Documentation Toolkits

Documentation to comply with AS9100 (aerospace), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Automotive

Implementation, training, and knowledge products for the automotive industry.

IATF 16949, ISO 9001, 14001, and 45001 Documentation Toolkits

Documentation to comply with IATF 16949 (automotive), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Laboratories

Implementation, training, and knowledge products for laboratories.

ISO 17025 and 9001 Documentation Toolkits

Documentation to comply with ISO 17025 (testing and calibration laboratories) and ISO 9001 (quality).

ISO 9001 Online Courses

Accredited courses for individuals and quality professionals who want the highest-quality training and certification.

Experta ISO 9001 Knowledge Base

Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
About Us

Our Team

Leading Experts

Experienced auditors, trainers, and consultants ready to assist you.
About Advisera
About Us
Contact Us

Get Started

Home
Resources
CDR 2024-1774
Cryptographic key management

Commission Delegated Regulation that supports DORA regulation

Full Text of CDR 2024-1774

Regulatory technical standards specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework

CDR 2024-1774 Table of Contents

Title 1 (Art. 1) General principle
Title 2 (Art. 2 – 27) Further harmonisation of ICT risk management tools, methods, processes, and policies in accordance with Article 15 of Regulation (EU) 2022/2554
Title 3 (Art. 28 – 41) Simplified ICT risk management framework for financial entities referred to in Article 16(1) of Regulation (EU) 2022/2554
Title 4 (Art. 42) Final provisions

Source EUR-Lex: https://eur-lex.europa.eu/

CDR 2024-1774 Chapter 1 Section 4 Article 7

Article 7 – Cryptographic key management

Financial entities shall include in the cryptographic key management policy referred to in Article 6(2), point (d), requirements for managing cryptographic keys through their whole lifecycle, including generating, renewing, storing, backing up, archiving, retrieving, transmitting, retiring, revoking, and destroying those cryptographic keys.
Financial entities shall identify and implement controls to protect cryptographic keys through their whole lifecycle against loss, unauthorised access, disclosure, and modification. Financial entities shall design those controls on the basis of the results of the approved data classification and the ICT risk assessment.
Financial entities shall develop and implement methods to replace the cryptographic keys in the case of loss, or where those keys are compromised or damaged.
Financial entities shall create and maintain a register for all certificates and certificate-storing devices for at least ICT assets supporting critical or important functions. Financial entities shall keep that register up to date.
Financial entities shall ensure the prompt renewal of certificates in advance of their expiration.

Article 6 – Encryption and crypt...Article 8 – Policies and procedu...

Comprehensive Guide to the DORA Regulation

Free white paper that explains the basics of the European Union’s Digital Operational Resilience Act

Products

Conformio

Toolkits

Training

Experta

Company Training Account
Resources

Articles

Webinars

Courses

Free Downloads

Tools

Live Consultations

Consultant Directory
Standards & Regulations

ISO 27001

ISO 22301

ISO 13485

ISO 9001

ISO 14001

ISO 45001

ISO 20000

ISO 17025

NIS 2

DORA

EU GDPR

EU MDR

IATF 16949

AS9100

Compliance in general
Advisera

About Us

For Consultants

Careers

Contact Sales

Terms of Use
Help

Help Center

Contact Support

Partnerships

Copyright ©2024 Advisera Expert Solutions Ltd