T306 · Cat-22 · DORA & Operational Resilience · Concentration Risk
Model ICT concentration risk across your provider portfolio per DORA Art. 29. Input provider names, service categories, CIF dependency %, and substitutability. Includes all 19 designated CTPP providers. Outputs HHI index, SPOF flags, CTPP exposure, diversification recommendations, and Policy Mandate JSON risk register. Client-side. Zero PII.
Policy Mandate Export
v1.0
Scope & reliance — 🔒 All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data — use synthetic or anonymised inputs only. Embedded rates, thresholds, and regulatory citations are static reference values that may age — verify against current primary sources and your own data before relying on any output for commercial, legal, or compliance decisions. Deterministic logic · no inference · zero PII · CC BY 4.0.
Educational Use Only
This tool provides a self-assessment / educational framework for internal planning purposes only. It is not a regulatory audit, legal advice, or a substitute for a formal compliance review by a qualified advisor. Verify all interpretations against the official source text and applicable RTS/ITS/guidance published by the relevant authority.