Advisory services for a leading credit institution aimed at validating and integrating the internal regulatory framework on cybersecurity, with reference to the European sectoral regulatory constellation (NIS2, DORA, GDPR, and AI Act). The activity focused on the development of a unified digital risk governance model, aimed at integrating technical resilience, organizational oversight, and legal accountability. The work strengthened the coherence between cybersecurity safeguards and corporate control functions, fostering a cross-cutting perspective on digital risk and its systemic impact.