DORA compliance tool

Third-party ICT risk,
made visible.

DORA Visual maps your entire ICT supply chain — from direct suppliers to sub-processors four tiers deep — and turns a complex regulatory requirement into something you can actually see, analyse, and present.

Request a demo Explore features
4
Supply-chain tiers mapped
8
Export formats
Nodes & connections
2
Platforms — Mac & Windows

See it in action

Sixty seconds, from spreadsheet to map

Watch DORA Visual turn a supplier register into a clear, interactive supply-chain map.

What is DORA Visual?

Your ICT supply chain on one interactive canvas

The Digital Operational Resilience Act requires financial entities to identify, classify, and monitor every ICT third-party provider — including sub-processors. That's a lot of data to manage in a spreadsheet.

DORA Visual is a desktop application that puts every supplier, relationship, and risk indicator on a single animated canvas. It talks directly to the GLEIF LEI registry, generates regulatory-grade reports, and exports to the formats your teams already use.

Built for compliance officers, risk managers, and IT teams who need to get — and stay — DORA-ready.

Core features

Everything you need. Nothing you don't.

From live graph editing to regulatory exports — DORA Visual covers the full compliance workflow in a single desktop app.

  • Interactive 2D network graph

    Animated canvas with smooth zoom, pan, and drag. Nodes auto-arrange into concentric rings by tier so your supply chain stays readable at any scale.

  • 3D WebGL display

    Switch to a fully interactive 3D view powered by Three.js. Rotate, zoom, hover for details. Export the 3D view to PowerPoint or as a GLTF model.

  • GLEIF LEI lookup

    Type a company name and fetch its Legal Entity Identifier directly from the GLEIF register. Ultimate parent chains are resolved automatically — no manual data entry.

  • Risk heatmap

    Top 10 Tier 1 critical suppliers ranked by occurrence. Country concentration (top 5) and sector breakdown give you a full risk picture. Print the dataset in one click.

  • Concentration risk panel

    Identify single points of failure — which business processes depend on which suppliers, and how many critical processes converge on one party. DORA Article 29, surfaced before the audit.

  • Locked stakeholder viewer

    Export a read-only HTML viewer with no editing controls. Share your map with auditors, board members, or regulators — they see everything, can change nothing.

Risk intelligence

Know your concentration risk before the regulator does

DORA Article 29 requires you to assess concentration risk — the danger that multiple critical functions depend on a single ICT provider. DORA Visual makes it visible and printable in seconds.

  • Top 10 Tier 1 suppliers by LEI. Grouped by Legal Entity Identifier — multiple nodes sharing one LEI count as a single party.
  • Country concentration — top 5. See which geographies you're most exposed to. Toggle any country to make its nodes pulse on the canvas.
  • Sector breakdown. Cloud, banking, telecom — know when too many critical suppliers come from the same sector.
  • Visible or full dataset toggle. Analyse only what's shown on screen, or include all nodes — even hidden ones — with one click.
  • Print full report. Opens a clean printable page with the complete supplier, country, and sector tables — audit-ready in seconds.

Regulatory coverage

Built around DORA's requirements

Every feature traces back to a specific regulatory obligation. Here's the mapping.

DORA requirement What DORA Visual does Output
Article 28 — ICT third-party risk
Identify and classify all ICT third-party providers		 Multi-tier network graph (T1–T4) with DORA critical flag per node. Auto-layout keeps the structure readable at any scale. Visual map Excel export
Article 30 — Key contractual provisions
Document contract data per supplier		 Per-node fields for contract value, contract reference, and linked business processes. All fields included in the Verification Report. Verification Report
Article 29 — Concentration risk
Assess reliance on single ICT providers		 Risk heatmap groups suppliers by LEI — multiple nodes with the same legal entity count as one. Concentration panel shows process overlap. Risk heatmap Concentration panel
GLEIF LEI register
Legal entity verification		 Live lookup against GLEIF. Resolves ultimate parent chains automatically. Flags mismatches between entered and registered data. LEI badge per node
Reporting to supervisory authority
Structured data for regulators		 Locked Viewer hands a read-only, interactive version of your map to auditors or supervisors with no editing risk. Locked HTML viewer

Export

Every format your workflow needs

From regulatory reports to board presentations — DORA Visual exports to the right format every time.

  • .pptx

    PowerPoint — shapes

    Fully editable vector slide with your supply chain as native PowerPoint shapes and colour-coded nodes. No screenshot — real objects you can move and style.

  • .pptx

    3D PowerPoint

    Capture the 3D view as a screenshot slide for presentations where the full-rotation model isn't needed.

  • .xlsx

    Verification Report

    Full Excel verification overview for all Tier 1 critical suppliers, or per individual node. Includes LEI, ultimate parent, contract data, DORA status, and linked processes.

  • .xlsx

    Save data (Excel)

    Export all node and edge data to Excel for use in your own reporting workflows or for backup.

  • .vsdx

    Visio diagram

    Export the supply chain as a native Visio file for teams that work in Microsoft's diagramming toolchain.

  • .html

    Locked Viewer

    A self-contained HTML file with the full interactive graph but no editing tools. Safe to distribute to auditors, management, or regulators.

  • .png

    PNG snapshot

    High-resolution screenshot of the current canvas with UI elements hidden. Includes title and date watermark — perfect for emails and reports.

  • .gltf

    3D model (GLTF)

    Export the 3D graph as a GLTF model for use in other 3D applications, WebGL projects, or as an archival format.

Technical

Desktop-native. No cloud. No subscription required.

DORA Visual is an Electron desktop application. Your supply-chain data never leaves your machine.

  • Mac & Windows

    Native desktop app for macOS (Apple Silicon + Intel) and Windows 10/11. Distributed as a signed installer.

  • Auto-update

    Electron-updater checks for new releases automatically. Users get a notification and install in one click.

  • Data stays local

    No cloud storage, no telemetry. Auto-save writes to local storage only. Models are saved as self-contained HTML files you control.

  • Open libraries

    Built on ExcelJS, PptxGenJS, Three.js, and SheetJS — all MIT or compatible open-source licences. No proprietary dependencies.

  • Electron
  • Three.js (WebGL)
  • PptxGenJS 3.12
  • ExcelJS 4.4
  • SheetJS
  • GLEIF API
  • macOS 12+
  • Windows 10/11
DORA compliance deadline: 17 January 2025

Ready to map your supply chain?

Book a 30-minute live demo with the team, or tell us about your supplier register and we'll send you a tailored walkthrough.

Or email hello@doravisual.com. We typically reply within one business day.