Technology and Cyber Security Incident Reporting

Jan 30, 2019

In January 2019, the Office of the Superintendent of Financial Institutions (OSFI) released the advisory "Technology and Cyber Security Incident Reporting", which sets out OSFI’s expectations for federally regulated financial institutions (FRFIs) with respect to the reporting of technology and cyber security incidents affecting FRFI operations.

The advisory describes characteristics of incidents that should be reported to OSFI, in addition to initial notification and subsequent reporting requirements.

The advisory comes into effect on March 31, 2019. In the meantime, FRFIs are expected to continue reporting any major incidents according to previous instructions communicated by their Lead Supervisors. Effective March 31, 2019, this Advisory supersedes any prior instructions for technology and cyber security incident reporting.

Review the press release and advisory on the OSFI's website.

Centre for Financial Reporting

Centre for Financial Reporting

Deloitte User?

Centre for Financial Reporting

Technology and Cyber Security Incident Reporting

Related Topics

Related news

SEC Proposes Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies

Will Coronavirus lead to more cyber-attacks?

To tame risk, Strengthen the Board-CISO relationship

What are the business benefits of practicing strong cybersecurity?

SEC publishes document on cybersecurity and resiliency

Consider data use before an incident occurs

Related Publications

Board Practices Quarterly: Cyber oversight

Webcast: Cyber risk in the wake of COVID-19: Building greater resilience

OCIE Cybersecurity and resiliency observations

Cybersecurity on the front lines: A call to action

Correction list for hyphenation