Cyber security risks and incidents: Reassessing your disclosure practices

Published on: Apr 30, 2017

Investors are increasingly interested in understanding an organization’s exposure to cyber security risk and the related policies, processes and controls in place to address this risk.

On January 19, 2017, the Canadian Securities Administrators (CSA) published CSA Multilateral Staff Notice 51-347 Disclosure of cyber security risks and incidents (CSA Staff Notice 51-347 or Staff Notice) which outlined expectations for disclosures by reporting issuers relating to cyber security risks and cyber incidents.

This alert also provides considerations for management and boards of reporting issuers when assessing their cyber risk disclosure practices.


Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.