Skip to Main Content
Select regional store:
Save 25% on selected auditor training courses. Find out more
Certified DORA Foundation and Lead Auditor Combination Self-Paced Online Training Course

Certified DORA Foundation and Lead Auditor Combination Self-Paced Training Course

SKU: 6057
Format: 1 course with exam
Availability: Pre-order
Format: 1 course without exam
Availability: Pre-order

This Certified DORA Foundation and Lead Auditor Combination Self-Paced Online Combination Training Course provides self-paced training for a reduced combination price. It is designed for risk management and compliance professionals responsible for auditing organizations for compliance with DORA (Digital Operational Resilience Act).

You will get a detailed understanding of how to organize and deliver an audit of a financial services organization, or an ICT third-party service provider or sub-contractor to establish their DORA compliance status.

Accelerate your DORA compliance journey with IT Governance USA

Ways to learn


Online learning course


Just for your organization

With examWithout exam
Step 1 - Select number of courses
Price: $1,995.00
Step 2 - Select number of delegates
per delegate

Training course outline

This course explores DORA and its relevance to the financial sector. It clarifies oversight roles and responsibilities, including reporting, and situates DORA within the broader regulatory framework.

You will assess security, risk, and organizational readiness, linking them to competence, awareness, and training. The course covers auditing ICT risk and incident management, business continuity, and digital resilience. It also examines testing methods, tools, and supply chain processes, including ICT third parties, from operational and legal angles.

You will gain practical skills, DORA-specific knowledge, and strategies for exam success.

Enroll in our Certified DORA Foundation and Lead Auditor Combination Self-Paced Online Training Course today to become a trusted information security auditor. Enhance your organization’s digital operational resilience, obtain DORA compliance early, and gain a competitive advantage.

Benefits for individuals

 Expand your knowledge

Our certified DORA training broadens your understanding so you can navigate complex financial regulations with confidence. Build on your existing knowledge and learn to apply your professional skills to integrate DORA into your organization’s ways of working. 

 Professional development

Advance your career by gaining certification in this new and highly sought-after area. Continue to grow, earning CPD points along the way, by attending our webinars and taking training in related areas. 

 Propel your career

Gain a valuable C-DORA credential that sets you apart in today’s competitive job market. Be an early adopter of professional certification in this new area of cybersecurity practice and compliance knowledge to establish yourself as a trusted leader in information security. 

 Increase your influence and impact

Our certified DORA training will give you essential knowledge and insights to make informed decisions in your organization with confidence and due care. Equip yourself to steer activities that will ensure operational resilience and regulatory compliance. 

Benefits for organizations

 Achieve regulatory compliance

DORA training enables key employees to understand and apply DORA efficiently within your organization. Ongoing compliance relies on having a strong group of DORA-trained staff who can maintain and improve systems and practices.

 Complete support for DORA compliance

Fast-track your organization to DORA compliance with IT Governance USA by selecting training courses, using our DORA Toolkit to accelerate implementation, and using books and free resources to educate your employees and supply chain partners.

 Avoid costly penalties

Minimize the risk of regulatory fines and severe reputational damage by ensuring your organization’s compliance with DORA before the deadline, thereby safeguarding your organization’s financial stability.

 Gain a competitive advantage

Gain a competitive edge by demonstrating compliance early. Compliance signals that you have robust operational resilience and business agility. Improve your market positioning and maintain the respect of stockholders and analysts.

 Strengthen data governance

DORA-certified staff will be able to enhance your organization’s data governance practices, ensuring regulatory compliance and improving measures to ensure data integrity.

 Mitigate risks

Eliminate blind spots and fortify against cyber threats to reduce your liabilities and operational risks, and safeguard against disruptions.

Who should attend this course?

  • Managers and professionals in risk management, compliance, audit, ICT, and related functions who are responsible for evaluating an organisation’s DORA compliance status
  • Managers and professionals responsible for preparing an organization for regular audits and for improving or remediating systems and processes to ensure compliance
  • People working for ICT third-party service providers that supply technology services to financial institutions operating in the EU
  • People committed to their continuing professional development with an interest in cybersecurity best practice

Why self-paced learning?

  • Study at your own pace: Study at your own pace and in your own time around work and life challenges
  • Cost-effective: Self-paced learning is an economical way to get qualified and raise your earning potential
  • Bite-sized learning: Pre-recorded online course, enabling you to learn in easy, manageable, bite-sized chunks
  • Test your knowledge: Knowledge-check questions at the end of each module to help gauge what you’ve learned

Choose IT Governance USA for your professional training

 Renowned experts

We are the recognized global leader in the fields that we train in. IT Governance led the world’s first ISO 27001 certification project and introduced the world’s first certified GDPR training. Since then, more than 30,000 professionals have trained with us.

 Insider insights

We keep you up to date with breaking news and developments in ISO standards, regulations, best practice, and cyber threats, giving you the ‘first to know’ advantage and time to prepare your organization.

 Structured career pathways

We help you navigate a wide range of qualifications to build a career. Through accessible and affordable training and events, you can earn CPD points to empower your professional journey, maintain your qualifications, and improve your business impact.

 Engaging experiences

Our courses and learning materials are built and delivered by subject-matter experts and innovative instructional design specialists with years of practical, hands-on experience.

 More ways to learn

We offer the widest range of learning formats per course than any other training provider, including instructor-led courses, self-paced online training, and custom courses for organizations. We also offer a unique blended learning method, designed for the digital age, which combines Live Online, self-paced, and expert tuition.

 Learn to earn

Pay by credit card online or by invoice. If you are personally investing in your career, you can spread the cost with our finance options. Fantastic discounts on books and courses are available for training graduates and corporate partners.

 ISO 17024-accredited qualifications

IT Governance USA delivers a unique and unrivaled portfolio of training courses and examinations leading to ISO 17024-accredited qualifications awarded by IBITGQ, BCS, ISACA®, EC-Council, PeopleCert, and Microsoft.

 Outstanding quality

Learn better and faster with exceptional course content. Our course material includes extra learning aids, and interactive and practical exercises to help you before, during, and after the training so you can put theory into practice with ease.

 Pass first time or train again for free

More than 30,000 people have passed exams with our training. Pass first time or train again for free.*

*T&Cs apply.

Course details

What does this training course cover?

Introduction to DORA and the regulatory landscape

  • Overview of DORA
  • Sectors affected by DORA
  • Key definitions underpinning the Act
  • Processes that come under the Act and are inspected
  • Role of competent authorities
  • Understanding the proportionality principle
  • Penalties and how remedial measures need to be applied 

ICT risk management principles in DORA

  • Standalone governance, risk, and compliance requirements
  • Understanding ICT risk management frameworks
  • Digital operational resilience strategies
  • Impacts on ICT service providers and along the supply chain, including outsourcing partners
  • Five core concepts

ICT incident management principles in DORA 

  • Key requirements for all parties related to incident management
  • Reporting processes and voluntary disclosure of risks.

Resilience testing requirements 

  • Methods of testing
  • Frequency and timing 

Managing third-party risk

  • Key principles of managing ICT third parties
  • Importance of ICT concentration risk
  • Understanding the oversight framework and key actors within it

Information-sharing principles

  • Information-sharing processes
  • Mandatory and voluntary sharing of information relating to cyber threats

Core audit skills

  • Overview of standards for auditing management systems
  • Principles of auding: managing an audit program
  • Conducting an audit
  • Competence and evaluation of auditors
  • Accredited certification and ISO 17021 principles
  • ISO 17021 process and management system requirements
  • Annex SL introduction and Clauses 1, 2, and 3
  • Plan, Do, Check, Act

The governance, risk, and compliance framework

  • Roles and responsibilities of key actors within the oversight structure
  • Security standards
  • Gauging an organization’s risk appetite
  • Evaluating staff competence, awareness, and training plans
  • Managing third-party ICT risk

Evaluating the effectiveness of ICT risk management frameworks

  • The overlap between enterprise, operational, and ICT risk management frameworks
  • How risk management frameworks and business objectives are linked
  • Assessment processes
  • How to select and deploy control mechanisms
  • Monitoring, evaluating, and improving control mechanisms

Evaluating the effectiveness of ICT incident management frameworks

  • Detection and response processes
  • Resilience strategies and business continuity plans

Principles and practice of digital operational resilience

  • Ways to perform resilience testing
  • Key competencies required for testing methodologies

Managing third-party risk 

  • Identifying and measuring risk
  • Contractual processes

Information-sharing processes

  • Mandatory and voluntary information sharing about cyber threats
  • Processes and procedures

What’s included in this course?

  • Full course materials (digital copy provided as a PDF file)
  • Access to our LMS (learning management system) for one year
  • A certificate of completion
  • The C-DORA-F and C-DORA LA exam voucher (if purchased)

What equipment do I need?

You will need a laptop for the duration of your course and exams.

Are there any prerequisites for this course?

There are no prerequisites for this course as it includes the C-DORA F. However, to be awarded the C-DORA LA certificate, the C-DORA F exam must be passed. 

We recommend reading DORA – A Guide to the Digital Operational Resilience Act before attending this course. 

Course duration

This self-paced online course consists of pre-recorded videos, digital content, and exercises, which are available at any time for one year.

Is there any pre-reading?

We recommend purchasing and reading DORA – A Guide to the EU Digital Operational Resilience Act.

Exams and qualifications

Certified Digital Operational Resilience Act Foundation and Lead Auditor exams

Candidates take the Certified Digital Operational Resilience Act Foundation (C-DORA F) and Lead Auditor (C-DORA LA) exams set by IBITGQ (International Board for IT Governance Qualifications) at the end of the course. There is no extra charge for these exams.

  • Delivery method: Online
  • Duration: 60 minutes (C-DORA F) and 90 minutes (C-DORA LA)
  • Questions: 40 in each exam
  • Format: Multiple choice
  • Pass mark: 65% (C-DORA F) and 75% (C-DORA LA)

What qualifications will I receive?

Certified Digital Operational Resilience Act Foundation (C-DORA F) and Certified Digital Operational Resilience Act Lead Auditor (C-DORA LA). 


This course is accredited by IBITGQ (International Board for IT Governance Qualifications).

IBITGQ (International Board for IT Governance Qualifications) is a personnel certification body that certifies individuals in the field of IT governance.

IBITGQ is accredited to the ISO/IEC 17024:2012 standard (Conformity assessment – General requirements for bodies operating certification of persons) by IAS (International Accreditation Service). ISO 17024 is a global, industry-recognized benchmark, and qualifications accredited to this standard are recognized and highly valued by employers throughout the world.

You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the IBITGQ/GASQ successful candidate register.

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately after completing the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are emailed directly to candidates by the relevant exam board; please note that hard-copy exam certificates are not issued.  

Do I need proof of identity to take the exams?

Candidates must have a form of photographic ID as the invigilator may request to check it before the exams.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt, you can retake the exams for an additional fee.

You can email us to schedule the retest or purchase directly here. 

Ways to learn

Learn your way with our flexible delivery methods

We want you to learn, qualify, and progress, and we are committed to providing learning options for all scenarios: deadline-driven, career-oriented, company-wide, or interest- led.

Instructor-led public courses

Structured learning, with clear direction and guidance from expert practitioners:

  • Focused learning
  • Delivered by expert practitioners
  • Peer support
  • In-the-moment insights

Learn more

Self-paced online learning

Learn and absorb material in a way that works for you:

  • Study at your own pace
  • Cost-effective
  • Bite-sized learning
  • Fits around you

Learn more

Unique blended learning courses

The most effective learning method for professionals:

  • Work around lifestyle challenges
  • A more manageable program
  • Tailored, mastery-based learning
  • Better learning outcomes

Learn more

In-house and corporate training

Learning as a team and building a culture of awareness:

  • Unique to you
  • Peace of mind
  • Improve teamwork
  • Maximize your budget

Learn more



What is DORA?

Why is DORA relevant?

When will DORA be enforced?

Are there any prerequisites?

Who should attend this training course?

How long is this training course?

How long until I receive the course confirmation details?

Customer reviews

This website uses cookies. View our cookie policy
Save 25% on