ethira
FeaturesAboutBlogSign inBook a demo
Back to home
DORA RoI Reporting

DORA compliance Without the spreadsheet.

The Digital Operational Resilience Act requires a live, evidenced Register of Information for every critical ICT third party. Ethira keeps it current automatically and exports it in the format your supervisory authority expects.

Book a demoTry it free

No credit card required · Setup in under 10 minutes

DORA Register of Information
Live

ICT Vendor Register

4 vendors · DORA Register of Information

VendorCountryICT ServicesCriticalityRisk ScoreStatus
CloudSoft AGDECloud InfrastructureCritical
72
Active
DataVault LtdGBData StorageImportant
45
Active
NetSecure IncUSCybersecurityImportant
61
Active
PayProcess BVNLPayment ProcessingCritical
83
Active

Last updated: 13 May 2026 · DORA Article 28 compliant

4 of 4 vendors

DORA_RoI_2026_Q1.xlsx

EBA format
ABCDEFGHIJKL
1001000200030004000500060007000800090010001100120
2549300CSAG01LEICloudSoft AGCloudSoft AGLegal personDEEUR2 400 000213800PARENT01LEI
3529900DVLT01LEIDataVault LtdDataVault LtdLegal personGBGBP850 000213800PARENT02LEI
4213800NSEC01LEINetSecure IncNetSecure IncLegal personUSUSD620 000
5724500PPBV01LEIPayProcess BVPayProcess BVLegal personNLEUR3 100 000213800PARENT03LEI
6
7
8
B.05.01
B.04.01
B.05.02
B.06.01
B.07.01

The question Ethira answers

“My Register of Information is a spreadsheet that's out of date the week it's published.”

/ Chief Compliance Officer, financial institution

The problem

01

Your Register of Information is a spreadsheet

DORA requires a structured, auditable Register of Information covering every critical ICT third-party relationship. Maintaining it in Excel means it's wrong within weeks of being published.

02

The regulatory deadline is already running

Supervisory authorities are asking for Registers of Information now. Firms that cannot produce a complete, current RoI face enforcement action. Manual processes can't keep up.

03

You can't prove continuous oversight

DORA doesn't just require a snapshot. It requires evidence that you're monitoring your critical ICT providers on an ongoing basis. A once-yearly assessment doesn't satisfy that obligation.

How Ethira solves it

The capabilities

DORA-ready Register of Information

Ethira maintains your RoI as a live, structured artefact — populated automatically from your vendor estate and updated in real time as relationships change.

01 — DORA-ready Register of Information

Live

DORA-ready Register of Information

Ethira maintains your RoI as a live, structured artefact — populated automatically from your vendor estate and updated in real time as relationships change.

Structured, auditable RoI populated and maintained automatically
Updated in real time as vendor relationships change
Article 28 compliant format from day one

By the numbers

Days

to DORA-ready Register of Information

0%

Register of Information coverage

On demand

evidence pack export for supervisors

Frequently asked questions

Explore more use cases

Shadow AI Discovery

Every AI tool in your org. Visible. Owned.

Learn more

AI Agent Governance

Know what your agents can reach. Enforce it.

Learn more

Third-Party Risk (TPRM)

End-to-end TPRM, Automated.

Learn more

Be DORA-ready before your next supervisory review.

Ethira gives your CIO and CISO a live inventory, a named accountability trail, and a continuous evidence pack — no spreadsheets, no manual effort.

Book a demoSign up free
ethira

Govern every asset. Automatically.

Platform

  • Features
  • AI Governance

Use Cases

  • Shadow AI Discovery
  • AI Agent Governance
  • Third-Party Risk (TPRM)
  • ICT Risk Management
  • DORA RoI Reporting

Company

  • About
  • Blog
  • FAQ
  • Brand
  • Privacy Policy
  • Terms of Service
  • Subprocessors
  • Contact

© 2026 Ethira AB · Luntmakargatan 26, 111 37 Stockholm, Sweden

Privacy PolicyTerms of ServiceSubprocessors