Evidence under DORA & Governance for Delivery Roundtables

Most DORA discussions stop at people and process. This session explores how to make technical controls work in daily operations – showing how required controls can produce trustworthy evidence across legacy and modern systems.

We’ll keep the tech as an enabler – not a deep dive – and focus on what Dutch insurers are actually doing to reduce manual effort and streamline incident handling.

This is a roundtable, not a presentation. You’ll share how your organization approaches evidence, traceability, and incidents; you’ll hear how peers do it; and together you’ll build a clearer view of what’s practical now and what can wait for later.

What we’ll align on with peers:

• What “good enough” audit evidence looks like in practice
• Where evidence should live – systems/tools vs. manual trackers
• What’s realistic to automate now vs. defer
• How teams keep DORA registers current and owned

Rules evolve and governance must keep pace. We’ll translate familiar frameworks into clear roles and simple handovers that people follow, so controls support delivery and customer or agent journeys instead of slowing them down.

Perhaps everything is procedurally sound, but does this also say anything about actual governance? Governance can contribute significantly to your business objectives by integrating external standards as an integral part of the organization’s governance.

This is peer-to-peer discussion. You’ll compare how your organization splits responsibilities between delivery teams, risk/compliance, and internal audit; where handoffs break; and how others have simplified checks without weakening control strength.

What we’ll align on with peers:

• How to use the evidence your controls produce
• Balancing required compliance vs. what more you can achieve
• Whether checks and balances are owned by employees or driven externally
• Moving beyond “cosmetic accountability”