DORA Executive Governance for Management Bodies Course is executive training aimed at Boards and Senior Management, focused on supervision, decision-making, accountability and evidence responsibilities in the context of digital operational resilience. It is not a technical or implementation course; it is training in institutional leadership and responsibility at the highest level.
Quick Access: Introduction· Why this course exists· What this course enables· Frameworks and topics· Value· Objectives· Target audience· Prerequisites· Programme· Exam & Certification· Other information· Benefits· Logistics· FAQs· Registration
Upcoming dates
Confirmed dates.
Synchronous, live training. Interaction with the trainer and the group.
Live Online • next edition
Live Online • base price
Language: available in Portuguese or English
Format: executive, decision-oriented
Exam: 15 min
EXCELLENCE & LEADERSHIP LEVEL — technical authority and leadership in governance.
Why this course exists
To support Boards and Senior Management in understanding what they must approve, supervise, require and monitor in the DORA context.
DORA is no longer only a technology topic. Today, it is also a matter of governance, supervision, priorities, resources, third parties, continuity and crisis decision-making.
This course exists to support Management Bodies and Senior Management in understanding what they must approve, supervise, require and monitor, without entering into unnecessary technical detail for the target profile.
What this course enables you to do
Understand
Understand what changes for Boards and Senior Management under DORA and its impact at governance level.
Supervise
Clarify the role of the management body in supervising ICT risk and digital operational resilience.
Decide
Improve decision-making and supervision capability regarding incidents, third parties, testing and institutional readiness.
Require evidence
Recognise the critical topics that require approval, monitoring and evidence from teams.
Frameworks, regulation and topics addressed throughout the course
Governance and organisation
ICT risk management framework
ICT-related incident management
Digital operational resilience testing
ICT third-party risk
Dependencies and concentration
Executive reporting and evidence
Authorities, oversight and institutional articulation
TIBER-EU — overview in the executive context
Value for the organisation
- Strengthens governance and accountability at management body level.
- Improves supervision and decision-making capability in digital operational resilience.
- Reduces the risk of supervision failures, unclear priorities and insufficient evidence.
- Improves preparation for interaction with regulators, audit and other control functions.
Introduction
The DORA Executive Governance for Management Bodies course is executive training aimed at the Board and Senior Management, focused on supervision, decision-making, accountability and evidence responsibilities in the context of digital operational resilience.
The training adopts an approach oriented towards governance, risk, decision-making and institutional readiness. It is not a technical or implementation course; it is training in institutional leadership and responsibility at the highest level.
The training includes a mini final exam and a Behaviour® Certificate of Completion, as evidence of executive capacity-building in DORA matters.
This Training Plan and all associated documents are protected by Copyright and registered as a literary work with IGAC.
General Objectives
At the end of this course, participants will be able to:
- Understand DORA’s framework and logic from an executive perspective.
- Identify concrete responsibilities of Boards and Senior Management.
- Recognise what should be approved, reviewed and supervised at governance and ICT risk level.
- Understand the role of top management in incidents, crisis, third parties and testing.
- Identify what reporting and evidence should be required from teams.
Target Audience
- Board members
- Members of the Board of Directors
- Executive Committee
- Directors
- Senior owners of critical or control functions
- Members of supervisory bodies, where applicable
Prerequisites
There are no mandatory technical prerequisites. The training was designed for an executive profile, focused on governance, supervision, decision-making and evidence.
Programme
1. Opening and executive context
- What DORA is and why it matters to top management
- Why digital operational resilience is now a governance matter
- Relationship between ICT risk, continuity, third parties and institutional response capability
2. Role of the management body
- Responsibility, supervision and accountability
- What Boards and Senior Management should approve, review and monitor
- Knowledge, diligence and effective involvement
- The risk of delegation without supervision
3. Supervision of the ICT risk management framework
- What the ICT risk management framework means in executive terms
- Strategy, priorities, resources and reporting
- Risk, tolerance, measures, review and improvement
- Weakness signals that management should know how to recognise
4. Incidents, crisis and decision-making
- What should be escalated to Boards and Senior Management
- Management’s role in a major incident or relevant disruption
- Decision-making, prioritisation, communication and follow-up
- Lessons learned and control reinforcement
5. Third parties, dependencies and concentration
- Why third-party risk is central in DORA
- Critical ICT dependencies and concentration risk
- What Senior Management should require in contracting, monitoring and exit
- Continuity, substitution capacity and supervision of dependencies
6. Evidence, reporting and institutional readiness
- What reporting makes sense at executive level
- Indicators, dashboards and evidence useful for decision-making
- What to ask risk, compliance, security, IT and operations teams
- Preparation for supervision, audit and formal requests
Exam(s) and Certification
Exam “DORA Executive Governance Certification”
The final exam covers the following domains:
- Domain 1: Executive framing of DORA and implications for Boards and Senior Management
- Domain 2: Role of the management body, supervision, accountability and evidence
- Domain 3: ICT risk management framework, priorities, resources and executive reporting
- Domain 4: Incidents, crisis, decision-making, follow-up and lessons learned
- Domain 5: Third parties, dependencies, concentration and institutional readiness
Language(s): Portuguese and English.
Duration: 15 minutes.
Format: Multiple choice.
Number of questions: 10.
Pass mark: 60/100 points.
Issuing entity: Behaviour (legal entity), through its certification service Behaviour Certification Services.
Result: final assessment associated with completion of the training.
Certification process
After successfully completing the exam and accepting or signing the applicable agreement and Code of Ethics, the candidate achieves the credential DORA Executive Governance Certification, issued by Behaviour (legal entity), through its certification service Behaviour Certification Services.
A Certificate and a Digital Certification Badge will be issued to participants who successfully complete the certification exam and satisfy all requirements of the certification for which they are applying.
The certification attests that the holder has acquired structured knowledge of the legal framework of DORA, the responsibilities of Management Bodies and Directors, and the principles of cybersecurity governance and supervision required by the Legal Framework for Cybersecurity, in alignment with the guidance of the national regulator.
The personal certification programme DORA Executive Governance Certification is developed and maintained in accordance with the international standard ISO/IEC 17024.
Certification programmes are valid only for individuals, not companies, and the award and maintenance of certification depend on the exam result, professional experience and compliance with the applicable agreement and Code of Ethics.
If the professional does not comply with the agreement or the Code of Ethics, the certification is not granted or is revoked.
Other Information
General Information
- Training available in Portuguese or English.
- Online training materials available in Portuguese or English, with online access, in accordance with the awarded conditions.
- Methodology oriented towards governance, supervision and decision-making, suitable for an executive and non-technical profile.
- Behaviour digital Training Attendance Certificate with 4 CPD/CPE credits.
- Online Certification Exam, in Portuguese or English. The exam is taken at the end of the training.
- Digital Certification Diploma and Digital Certification Badge after passing the exam and completing the application process. This process has no associated cost.
Trainer(s)
The trainers are professionals with experience in governance, risk, compliance, cybersecurity, operational resilience and digital regulation, able to translate DORA into the context of top management decision-making and supervision.
Benefits
View benefits
- Helps Boards and Senior Management interpret DORA in the language of governance, supervision and decision-making.
- Strengthens the quality of dialogue with risk, compliance, security, IT, operations, audit and regulator teams.
- Improves the ability to recognise weakness signals, insufficient evidence and critical dependencies.
- Creates a practical basis for better monitoring of incidents, third parties, testing and executive reporting.
- Generates executive-level training evidence in the context of digital operational resilience.
Logistics
Useful information
- Live Online (synchronous time): 09:00–13:00 (Lisbon time), with one short break.
- Classroom (synchronous time): 09:00–13:00 (Lisbon time), with one short break.
- 4h of synchronous training, half-day training.
- Requirements: computer with stable internet, updated browser, PDF reader and audio/video.
Hotels in Lisbon
Find out where you can stay in Lisbon, near Behaviour, for classroom training.
Frequently Asked Questions
Objective answers to additional questions about the framework and usefulness of the course.
Is this course still useful if the organisation has already started a DORA programme?
Yes. The course remains relevant when the organisation has already started an assessment, roadmap or DORA programme, because it helps align Boards and Senior Management on what they should supervise, validate, require and monitor throughout that pathway.
Does it help top management improve the quality of supervision without entering into excessive technical detail?
Yes. The focus is precisely on strengthening supervision, questioning, prioritisation and decision-making capability, without turning the session into technical implementation training.
Is it relevant for entities with strong dependence on third parties, cloud or critical ICT services?
Yes. The course helps management understand why third-party risk, critical dependencies, concentration and substitution capacity are central supervision topics in the DORA context.
Can it work as an initial executive alignment session before investment, prioritisation or roadmap decisions?
Yes. It is a good option to create common understanding at executive level before approving priorities, resources, reporting, testing, improvement initiatives or decisions related to third parties and continuity.
What practical outcome can management expect after this training?
Management should leave better prepared to interpret reporting, require appropriate evidence, ask better questions to internal teams and monitor with greater judgement topics such as ICT risk, incidents, testing, third parties and institutional readiness.
For general questions about registration, delivery modes, exams, certification and recertification, please consult the BEHAVIOUR® FAQs.
Registration
Complete the form to express interest or request your registration for the preferred edition. Check the upcoming dates.
Request more information
If you would like help to frame the course within your professional or organisational context, contact us and we will indicate the most suitable path.
Companies: request a proposal
For Board, Executive Committee, Senior Management or supervisory body groups, we provide volume conditions and a proposal tailored to the organisational context.
This course may be attended by individual professionals. It may also be integrated into programmes aimed at management bodies and executive leadership with supervision, decision-making and accountability responsibilities in the DORA context.