E Point Perfect
Law \ Legal

OSFI’s Technology and Cyber Risk Management Guideline: Part 1


innovation circuit boardOn July 13, 2022, the Office of the Superintendent of Financial Institutions (OSFI) released its final Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need ensure that they have taken steps to comply with the requirements of the Guideline prior to it coming into effect on January 1, 2024.

It is noteworthy that as OSFI released the guidelines, it explained that one rationale for the Guideline was that the “risk environment has created an urgency for enhanced regulatory guidance for FRFIs […]”. This reasoning is consistent with OSFI’s recent focus and pronouncements on cybersecurity readiness and response. The Guideline is not intended to be a “one size fits all” approach, but should be implemented according to the FRFI’s specific risk structure and operational needs.

The Guideline is divided into three broad categories:

  • Governance and Risk Management sets out the expectations for the formal accountability, leadership and structure of FRFIs, the cyber strategies they have in place, and their risk management framework and cybersecurity oversight.
  • Technology Operations and Resilience sets out the expectations around management of risks related to the design, implementation, and recovery of technology assets and services.
  • Cyber Security sets out the expectations for the management and oversight of cyber risk.

Read the full update here.



Source link

Related posts

USTR Releases Draft Questionnaire for Section 301 Economic Impact Analysis

23 Salmonella illnesses linked to bearded dragons

进出口监管最新动态评析:容易忽视的“新”问题——新化学物质进口合规风险(2022年10月刊)

Age Requirements to become NYPD Police Officer

White House to Release Cybersecurity Labeling System for IoT Devices

Can you contest for any changes in a will made by your father?