Register of Information (ROI) regulatory packages

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • The Register of Information (RoI) is a regulatory reporting requirement under the Digital Operational Resilience Act (DORA) and is supported by the Digital resilience third-party registers application in the Operational Resilience Workspace.

    RoI overview

    The Register of information (ROI) is a structured data package that financial entities must submit to regulators to demonstrate compliance with DORA. It includes information about legal entities, third-party service providers, contracts, and functions.

    Starting with version 21.1.x, users of the Operational Resilience Workspace and Digital resilience third-party registers application can generate regulator-ready RoI packages using the Plain-CSV Report Package option on the download page. The ZIP file includes metadata and report folders structured to regulator specifications, with file names containing LEI, entity ID, and release version. This enhancement ensures EU DORA compliance and supports automated validation workflows.
    Note:
    You can use the Excel master template option to download a document to use for data preparation and internal review and the Plain-CSV reporting package option to download a document to use for regulator submission and compliance validation.

    The RoI framework is designed to align with DORA’s five pillars, particularly ICT third-party risk management and incident reporting. RoI packages generated in the Operational Resilience Workspace follow the European Banking Authority’s structure and validation requirements.

    Digital Resilience Third-party Information Register support for RoI

    The Digital Resilience Third-party Information Register provides the following capabilities to support RoI compliance:

    • Data capture for entities, contracts, functions, and third parties
    • CSV report generation aligned with regulator specifications
    • ZIP packaging with metadata and report folders
    • Validation workflows for technical, schema, and business rule checks
    • Role-based access for managing RoI requests
    Note:

    All RoI-related actions are performed in the Digital resilience third-party registers section in the Operational Resilience Workspace. This workspace provides access to download/upload requests, validation tools, and main templates.

    For more information, see Generate a Register of Information package.