This event is designed to help credit unions make practical use of the Central Bank’s IT Thematic Review as a foundation for stronger oversight and future regulatory readiness.
Rather than treating the CBI requirements as a one-off compliance exercise, we will focus on how they can be used to build a clear, structured path towards meeting the expectations of the Digital Operational Resilience Act (DORA).
The session will explain, in straightforward terms, what the CBI framework is really asking for, how it links directly to DORA, and—most importantly—how organisations can prioritise their efforts to strengthen control, improve visibility of IT risk, and develop a realistic roadmap towards DORA readiness.
The emphasis throughout will be on practical application—what boards, CEOs, and risk functions need to understand, what evidence is expected, and how to move from documentation to real, demonstrable control.
List of Topics Covered:
- What the CBI Thematic Gap Analysis Is Actually Pointing To
- IT Governance, Core Pillars, CBI Gap Analysis & DORA.
- Where they overlap
- Ability to demonstrate compliance evidence
- Management Information, Board IT Risk Understanding & Decision Making
- CBI Thematic (Sept25) IT Review to DORA bridge
Date: August 5, 2026
Time: 10am-11am
Location: Online via Zoom
Brian Andrews
Brian Andrews of Andrews Duffy, advises boards and senior management teams across the Irish financial-services sector on IT risk, governance, and operational resilience. He specialises in translating regulatory requirements—including DORA, Central Bank of Ireland expectations and other risk & compliance frameworks into practical, board-level frameworks that are proportionate, evidence-led, and defensible. Acting as a trusted advisor and fractional IT Manager (vCIO), Brian works closely with organisations to strengthen oversight, challenge assumptions, project management and ensure technology and outsourcing risks are clearly understood, managed, and evidenced at board level.
His work focuses on converting complex technical and regulatory requirements into board-ready evidence, decisions, and defensible assurance.
Through Andrews Duffy, he provides independent governance, oversight, and assurance services on behalf of boards and senior management.