Register of Information (ROI) regulatory packages
The Register of Information (RoI) is a regulatory reporting requirement under the Digital Operational Resilience Act (DORA) and is supported by the Digital resilience third-party registers application in the Operational Resilience Workspace.
RoI overview
The Register of information (ROI) is a structured data package that financial entities must submit to regulators to demonstrate compliance with DORA. It includes information about legal entities, third-party service providers, contracts, and functions.
The RoI framework is designed to align with DORA’s five pillars, particularly ICT third-party risk management and incident reporting. RoI packages generated in the Operational Resilience Workspace follow the European Banking Authority’s structure and validation requirements.
Digital Resilience Third-party Information Register support for RoI
The Digital Resilience Third-party Information Register provides the following capabilities to support RoI compliance:
- Data capture for entities, contracts, functions, and third parties
- CSV report generation aligned with regulator specifications
- ZIP packaging with metadata and report folders
- Validation workflows for technical, schema, and business rule checks
- Role-based access for managing RoI requests
All RoI-related actions are performed in the Digital resilience third-party registers section in the Operational Resilience Workspace. This workspace provides access to download/upload requests, validation tools, and main templates.
For more information, see Generate a Register of Information package.