Policy · 1h ago
DORA Regulation: Multi-AZ vs Multi-Region for Disaster Recovery
DORA, the EU's Digital Operational Resilience Act, does not mandate specific architectures like multi-AZ or multi-region for disaster recovery. Instead, it requires financial entities to set recovery time and point objectives per function and prove they can meet them. The regulation's secondary processing site requirement applies only to central securities depositories and central counterparties, not typical banks or SaaS vendors.
Meridian48 take
The article correctly notes that DORA is technology-neutral, but companies should still consider multi-region setups for critical workloads to avoid single-region failures.
Read the full reporting
Is Multi-AZ Enough for Disaster Recovery? What DORA Actually Asks of Your Application →
DEV Community
dora-regulationdisaster-recovery