The VASGARD/IAN platform fulfils the requirements of the Digital Operational Resilience Act (DORA) for generating a legally compliant information register and an outsourcing register in accordance with MaRisk. The platform has been developed in close cooperation with renowned German financial institutions to support banks and financial institutions in complying with increasingly stringent regulatory requirements.
Information register in accordance with DORA
- Data integration: The basis is the maintenance of your data in our Central Outsourcing Management app. All relevant information about third parties and service providers is systematically recorded and kept up to date.
- DORA compliance: The software ensures that all necessary data is recorded in a complete information register that can be accessed at any time in accordance with the requirements of DORA.
- Additional output formats: In addition to the pure reporting file, our software can also generate a ‘human readable’ version of the information register. This special version contains comments, explanations and additional information to provide a more comprehensible and comprehensive presentation of the data.
Outsourcing register in accordance with MaRisk
- MaRisk compliance: A complete and compliant outsourcing register is also created based on the same data that is maintained in the app for centralised outsourcing management. This ensures compliance with MaRisk requirements and considerably simplifies your audits.
- Efficiency: Centralised data maintenance avoids duplication of work and redundant systems, leading to a significant increase in efficiency in your risk management process.
Your benefits at a glance
Current reporting standards
To ensure that your reports are always submitted in the required format, we promptly adapt the reporting format to meet evolving regulatory requirements.
Legal compliance
Fulfil all regulatory requirements of DORA and MaRisk easily and reliably.
Efficiency
Reduce the effort and complexity of risk management through centralised data maintenance and optimised workflows.
Multi-client capability
Create the information and outsourcing register for each client individually or in a consolidated version across multiple clients.
Transparency
Maintain an overview of all relevant data on your service providers and their risks at all times.
Future-proof
Continuous adaptation to new regulatory requirements ensures that your reports are always up to date.
FAQ
All data in VASGARD/IAN can be exported and formatted according to requirements.
DORA: Outsourcing register, information register
MVP: BaFin portal
CASPER: EU portal
IMAS: EU portal
The provision of current ICT risks and ICT risk management frameworks is possible via the IT Risk Management (IRM) and Centralized Outsourcing Management (ZAM) apps.
These are basic functions in reporting (Core) and the Centralized Outsourcing Management (ZAM) app.
These are basic functions in reporting (Core) and the Centralized Outsourcing Management (ZAM) app.
Among other things, the categories of ICT third-party service providers, the number of new agreements for the use of ICT services, the type of contractual agreements and the ICT services and functions provided are available.
Reporting individual or aggregated ICT risks to national authorities such as BaFin is one of the platform’s basic functions.
Standard reporting can be used to query which contracts were amended in the last reporting period.
The TPRM (Third Party Risk Management) life cycle addressed by DORA is fully mapped in the Centralized Outsourcing Management app (ZAM). This makes it possible to generate a single point of truth and ensure data quality in terms of completeness, integrity, uniqueness, accuracy and validity.