DORA Operational Resilience Meets DORA Engineering Metrics: Two DORAs, One Compliance Nightmare

By Ido Neeman

Engineering DORA metrics just became regulatory DORA compliance. Your MTTR is now legally mandatory. and most financial institutions can't prove theirs. Here's why, and how to get it right.

Governance

Tips & tricks

Cloud tooling

Published Nov 10, 2025

Recovery time objectives look great in compliance reports. They satisfy auditors. They make executives sleep better at night. But when disaster actually strikes? They collapse like a house of cards (just think about the most recent AWS outage, and all the organizations affected).

The Digital Operational Resilience Act (DORA) is about to make this uncomfortable reality impossible to ignore. For financial institutions, the era of untested disaster recovery plans is over. Regulators now demand proof that you can recover your critical systems: not in theory, but in measurable practice, with evidence. Under pressure. Repeatedly.

Here's what most organizations are discovering: their recovery strategy was always built on wishful thinking.

The Two-Hour RTO That Took Eleven Hours

Picture this. A FinTech company had a textbook disaster recovery plan. Two-hour RTO. Multi-region redundancy. Regular backups.

Then an IAM misconfiguration triggered a cascading production outage. The data backups were pristine. The infrastructure-as-code? Hopelessly outdated. Reapplying old Terraform templates introduced conflicts. Rollbacks failed.

Actual recovery time? 11 hours.

Not because the team was incompetent. Not because they lacked backups. But because recovering data and recovering a functioning application are fundamentally different problems, and because most DR plans only solve the first one.

Why Backups Are Only 20% of the Solution

A database snapshot is not a recovery plan.

Modern cloud applications are intricate webs of microservices, Kubernetes clusters, IAM policies, networking rules, secrets management, and dependencies spanning multiple cloud providers.

Your database is backed up, but:

What about the IAM roles that grant access?
The VPC configurations that route traffic?
The Kubernetes secrets?
The load balancer rules?
The DNS records?
The observability stack that tells you if recovery actually worked?

Legacy backup tools capture state at a point in time. They have no concept of operational context: the configurations, dependencies, and policies that make applications function.

When teams discover this gap during an outage, recovery takes days of manual reconstruction, reverse-engineering undocumented infrastructure from Slack threads and internally-sourced knowledge.

CAIRS: Admitting Recovery Was Broken All Along

Gartner just created an entirely new market category: Cloud Application Infrastructure Recovery Solutions (CAIRS). Not "better backups," but a complete rethinking of what recovery means in cloud-native environments.

CAIRS solutions don't just preserve data. They codify entire application stacks (think: infrastructure configurations, service dependencies, access policies, networking topology). They ensure the full operational context required to restore functionality, not just storage.

Firefly was recognized as one of only three vendors in this inaugural category.

Two DORAs, One Compliance Nightmare

There are actually two DORAs converging in ways that should terrify traditional DR vendors.

Engineering DORA gave us four metrics for high-performing teams: deployment frequency, lead time, change failure rate, and mean time to recovery (MTTR).
Regulatory DORA just made those metrics legally mandatory for financial institutions.

Organizations must:

Define and prove specific RTOs and RPOs
Test recovery plans regularly, not annually
Demonstrate the ability to migrate workloads if a cloud provider fails
Accept full accountability (that means no pointing fingers at cloud vendors)

If your actual MTTR doesn't match your documented RTO, you're not just operationally unprepared. You're non-compliant.

Most organizations have never measured their real recovery time under production conditions. DORA demands they do exactly that. And prove it.

Why Disaster Recovery-as-Code Actually Matters

Traditional disaster recovery is documented fiction. Runbooks six months out of date. Terraform configs that don't reflect production. Manual steps only three people know — and one of them is no longer on your team.

Disaster Recovery-as-Code changes the game.

Every layer of your infrastructure becomes code. IAM policies, networking configurations, Kubernetes manifests, service dependencies: everything. Version-controlled, tested, and deployed through automated pipelines.

When disaster strikes, recovery is redeployment, not reassembly.

The DORA compliance implications:

Continuous testing: Spin up recovery environments on-demand, validate, tear down. No more dreaded annual DR drills.
Audit trails by default: Every change, test, and recovery is logged. Regulators want evidence? Here's your git history.
Portable by design: Redeploy to another cloud provider if your primary fails. DORA's exit strategy requirement? Solved.
Real MTTR, not fantasy RTO: You're measuring actual recovery time with every test.

The Accountability Problem No One Wants to Talk About

DORA's most radical requirement: financial institutions are accountable for resilience.

Your cloud provider has an outage? Your problem. Your backup vendor's tool goes down? Your problem. Regulators don't care about vendor SLAs. They want to know that you can recover independently.

This exposes a critical flaw in most CAIRS solutions: they're built on the cloud providers' own tooling. If AWS is down, your AWS-native recovery tool is also unavailable. Firefly operates as an independent control plane outside the failing environment: giving you actual independence when it matters most.

What's Your Real MTTR? (You Don't Know)

Stop thinking about your documented RTO. Start measuring your actual Mean Time to Recovery.

RTO is aspirational. It’s a number that makes executives comfortable. MTTR is reality: how long it actually takes to go from "everything is on fire" to "we're operational."

Most organizations have no idea what their real MTTR is. They've never tested end-to-end recovery at production scale under actual failure conditions.

DORA is about to force them to find out. The gap between RTO and real MTTR is where compliance fails, customer trust evaporates, and board conversations get uncomfortable.

Every Industry Is Next

DORA isn't just a banking problem. Financial services got hit first because regulators worry about systemic risk. But every industry is headed toward the same reckoning. The CAIRS category is codifying what the market already knows: traditional disaster recovery is fundamentally broken for cloud-native applications.

Stop Lying to Yourself About Recovery

You can't just claim you can recover in two hours anymore. You have to prove it with tests, evidence, and real MTTR data. For organizations relying on backup tools designed for last decade's infrastructure, that's a scary reality.

For those who've embraced Disaster Recovery-as-Code? It's validation. And fortunately, Firefly customers aren't scrambling to meet DORA requirements because they're already there.

The gap between your RTO and reality is fixable. Now, DORA is the wake-up call. Will you answer it before or after your next outage?

‍

Featured blog posts

The Day-to-Day Use Cases: What Puts Firefly Among the Best Platform Engineering Solutions for Modern Cloud Complexity

Big Disaster, Slow Recovery: Why Most Disaster Recovery Strategies Failed During the AWS Outage

DORA Metrics for DevOps: How to Go Beyond Measurement and Improve Performance

Related case studies

Aspyr gains visibility and control in the wake of cloud chaos

How AppsFlyer achieved 84% greater platform engineering efficiency with Firefly

How Aqua Security achieved 100% visibility and governance over their infrastructure

Play Asset Mutations Racer

Welcome to the Asset Mutations Racer

Your mission: track, manage, and control changes across your entire cloud ecosystem.

An asset mutation occurs when an asset revision is made in your cloud infrastructure. Some are beneficial and lead to a well-controlled cloud, but others are harmful, creating risk and waste.

Use your ↑up and ↓down arrow keys to collect as many beneficial asset mutations as possible.

Avoid harmful asset mutations! Firefly enables rollbacks, but—in this game—you are only allowed 3. When you apply a harmful mutation and are out of rollbacks, your services will be disrupted and it is game over.

Play Drift Defender

Firefly Drift Defender

Score: 0 | High Score: 0

Welcome to Firefly Drift Defender!

Your mission is to prevent drifts in your cloud infrastructure. A drift occurs when the desired state defined in your configuration files doesn't match the actual state of your cloud infrastructure, which can cause deployment issues and security risks.

In this game, you are trying to prevent drift in your Databases, Network, Server, and Storage configurations. When a drift occurs, a resource will catch on fire.

Click on the drifted resource to automatically remediate it, and earn points.

Sadly, your platform engineers are making several manual changes in your cloud consoles, so you'll experience more drifts over time. When you have 5 drifts simultaneously, your services will be disrupted and the game will be over.

Game Over

Your Score: 0

Your High Score: 0

Play Ghosty Cloud

Firefly Ghosty Cloud

score2: 0 | High score2: 0

Welcome to Firefly Ghosty Cloud!

Your mission is to avoid ghosted resources in your cloud infrastructure.

A ghosted resource was once created through Infrastructure as Code (IaC) but has since been deleted or is missing from the actual cloud infrastructure.

In this game, use your spacebar to avoid ghosted resources in your cloud.

The further you go without encountering a ghost resource, the more points you earn for having a reliable and immutable cloud infrastructure.

Game Over

Your score: 0

Your high score: 0

DORA Operational Resilience Meets DORA Engineering Metrics: Two DORAs, One Compliance Nightmare

The Two-Hour RTO That Took Eleven Hours

Why Backups Are Only 20% of the Solution

CAIRS: Admitting Recovery Was Broken All Along

Two DORAs, One Compliance Nightmare

Why Disaster Recovery-as-Code Actually Matters

The Accountability Problem No One Wants to Talk About

What's Your Real MTTR? (You Don't Know)

Every Industry Is Next

Stop Lying to Yourself About Recovery

Featured blog posts

The Day-to-Day Use Cases: What Puts Firefly Among the Best Platform Engineering Solutions for Modern Cloud Complexity

Big Disaster, Slow Recovery: Why Most Disaster Recovery Strategies Failed During the AWS Outage

DORA Metrics for DevOps: How to Go Beyond Measurement and Improve Performance

Related case studies

Aspyr gains visibility and control in the wake of cloud chaos

How AppsFlyer achieved 84% greater platform engineering efficiency with Firefly

How Aqua Security achieved 100% visibility and governance over their infrastructure

Curious to learn more about IaC? Explore our free resources or schedule a demo.

Play Asset Mutations Racer

Firefly Asset Mutations Racer

Welcome to the Asset Mutations Racer

Your Cloud Asset Mutations

Game over

Play Drift Defender

Firefly Drift Defender

Welcome to Firefly Drift Defender!

Your Infrastructure

Game Over

Play Ghosty Cloud

Firefly Ghosty Cloud

Welcome to Firefly Ghosty Cloud!

Game Over