News & Updates

OSFI publishes new guideline for technology and cyber risk management

Authors:
BMKP Logo

August 03, 2022

hand touching a cybernetic globe

The Office of the Superintendent of Financial Institutions (OSFI) has published a new guideline — Technology and Cyber Risk Management — which sets out OSFI’s expectations for how federally regulated financial institutions (FRFIs) should manage technology and cyber risks such as data breaches, technology outages and more.

The Guideline is organized into three domains:

  1. Governance and Risk Management — Sets OSFI’s expectations for the formal accountability, leadership, organizational structure and framework used to support risk management and oversight of technology and cyber security.
  1. Technology Operations and Resilience — Sets OSFI’s expectations for management and oversight of risks related to the design, implementation, management and recovery of technology assets and services.
  1. Cyber Security — Sets OSFI’s expectations for management and oversight of cyber risk.

The final Guideline B-13 comes into effect Jan. 1, 2024.

More Information

Share
Print this Page icon

Read More

Coal/mine workers in Sask, Canada}

September 15, 2025
Arbitrator declines to hear union grievance over short-term disability provider's medical forms, citing jurisdictional limits
Upward graph on blue background}

September 12, 2025
Canadian pension plans return 0.6% in second quarter; median up 1.8% for the year-to-date: Northern Trust
Credit Union Dispute}

September 10, 2025
Union loses bid to compel employer to implement jointly sponsored pension plan as B.C. Supreme Court holds contract terminated by prior damages claim
Canadian Federal Govt}

September 08, 2025
Federal government's proposed amendments to Income Tax Act include pension-related changes

See More Media