Site Visits

In 2017 and again, in 2019, IIROC (now CIRO) engaged cybersecurity consultants and visited selected Dealers whose cybersecurity self-assessment maturity levels were below the expected target of their industry peer group.

The goal of these reviews was to confirm the firms’ self-assessment responses, and collaborate with and advise on how to improve their preparedness for the overall protection of customer data and market integrity. As part of this discussion, the Dealer’s main systems and data touch-points were identified and documented in a high-level flowchart, as well.

The Dealer received a report from IIROC (now CIRO) and the consultant detailing the results of these discussions and outlining recommendations for improvement.