Cat-22 · T307 · DORA & Digital Resilience

DORA Proportionality Assessment

Classify your entity under DORA Article 3/4 proportionality criteria — full, simplified, or micro regime. Quantitative thresholds (assets, revenue, employees, AUM), qualitative complexity factors, and a full obligation mapping per classification tier. Client-side. Zero PII.

Art. 3/4 Classification Obligation Mapping Zero PII Client-Side

🔒 All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data — use synthetic or anonymised inputs only.

🏦 Entity Details

Entity Name (optional)

Entity Type (DORA Annex)

📊 Quantitative Thresholds

DORA Article 4 criteria for simplified ICT risk management. Enter approximate figures.

Total Assets (€ million)

Microenterprise threshold: < €10M | Art. 4 simplified: < €5B

Annual Net Revenue (€ million)

Microenterprise: < €2M; Small/medium: < €40M

Number of Employees

Microenterprise: <10; Small: <50; Medium: <250

AUM / Notional Managed (€ billion)

For investment firms, AIFMs, UCITS managers — 0 if not applicable

🔍 Qualitative Factors (Article 4(1))

Systemic Importance

Interconnectedness Level

Cross-Border Activity

ICT Complexity

Critical ICT Third-Party Providers (CTPPs)

Passporting / EBA Register Listed

🗂️ DORA Article 4 Criteria Scorecard

📋 Applicable DORA Obligations

📈 Proportionality Dimension Scores

📚 References

DORA Regulation (EU) 2022/2554, Articles 3 & 4 — Scope and proportionality.
DORA Article 16 — Simplified ICT risk management framework for certain financial entities.
EBA/JC/2023/86 — Final Report on RTS specifying elements for simplified ICT risk management framework.
Commission Delegated Regulation (EU) 2024/1774 — RTS on simplified ICT risk management framework.
EBA, "DORA Proportionality Guidelines," 2023 — Guidance for NCA supervisory convergence.