Guides and Resources

CIRO, through its predecessor organization IIROC, published resources to help Dealers protect themselves and their clients against cyber threats and attacks:

  • We have prepared a Ransomware Response Playbook (PDF) that can be used as a guide when dealing with ransomware incidents.
  • The Cybersecurity Self-Assessment Tool was developed to help small and medium-sized investment dealer firms identify areas of strength and weakness based on the information security practices. Request a copy of the tool by filling out this form.
  • The Cybersecurity Best Practices Guide (PDF) provides an enterprise-wide risk-based framework of industry standards and best practices that Dealers can apply to heighten awareness and manage cyber risks in an evolving environment.
  • The Cyber Incident Management Planning Guide (PDF) is a complementary tool for Dealers to prepare effective response plans for cyber threats and attacks.
  • The Cyber Program Governance Guide (PDF) is intended to provide investment dealer members with explicit guidance on how best to implement, manage and advance a cybersecurity program. This document should be read in conjunction with the previous guides. This Guide reflects the experience gained by both IIROC (now CIRO) and investment dealer members in developing and implementing programs to counter cyber threats.
  • Fundamentals of Technology Risk Management (PDF) is a guide to help mainly small and medium-sized investment dealer firms take the first steps towards assessing and managing technology risk. This guide provides some helpful information to investment dealer firms on how to begin building a technology risk management program.