SOURCE 0 - DORA VOCABULARY
Compliance officers, boards, and cyber insurers ask the same ten questions about DORA in different words: can a bank prove its own incident timeline, does TLPT close the gap, does a qualified timestamp settle the matter. This page states each question in plain language and maps it to the precise SOURCE 0 term that answers it, without requiring the reader to learn the vocabulary first.
SOURCE 0 - THE DORA NOTIFICATION PARADOX
DORA requires a bank to prove when it became aware of an incident and when it classified it as major — the two instants a regulator disputes most. Both are written exclusively by the bank itself. This article examines why TLPT, Article 6 internal audit, and third-party oversight do not supply an independent witness to either instant, and what a pre-execution, third-party-deposited fixation adds to the DORA timeline.

