This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice ( for more information on the cookies we use and how to delete or block them.
The full functionality of our site is not supported on your browser version, or you may have 'compatibility mode' selected. Please turn off compatibility mode, upgrade your browser to at least Internet Explorer 9, or try using another browser such as Google Chrome or Mozilla Firefox.

Cyber security risks and incidents: Reassessing your disclosure practices

Published on: Apr 30, 2017

Investors are increasingly interested in understanding an organization’s exposure to cyber security risk and the related policies, processes and controls in place to address this risk.

On January 19, 2017, the Canadian Securities Administrators (CSA) published CSA Multilateral Staff Notice 51-347 Disclosure of cyber security risks and incidents (CSA Staff Notice 51-347 or Staff Notice) which outlined expectations for disclosures by reporting issuers relating to cyber security risks and cyber incidents.

This alert also provides considerations for management and boards of reporting issuers when assessing their cyber risk disclosure practices.


Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.