Self-assessment Surveys

IIROC (now CIRO) conducted cybersecurity self-assessment surveys of all Dealers in 2016 and 2018. The surveys were based on the National Institute of Standards and Technology (NIST) cybersecurity framework.

After the results were analyzed and risk-scored, IIROC (now CIRO) issued a confidential Cybersecurity Report (CSR) to each Dealer:

  • identifying their level of cybersecurity maturity/preparedness and vulnerabilities, and
  • setting out high-level recommendations for priority attention.