Guides and Resources

IIROC published resources to help Dealers protect themselves and their clients against cyber threats and attacks:

  • We have prepared a Ransomware Response Playbook (pdf) that can be used as a guide when dealing with ransomware incidents.
  • The Cybersecurity Self-Assessment Tool was developed by IIROC to help small and medium-sized IIROC firms identify areas of strength and weakness based on the information security practices. Request a copy of the tool by filling out this form.
  • The Cybersecurity Best Practices Guide (pdf) provides an enterprise-wide risk-based framework of industry standards and best practices that Dealers can apply to heighten awareness and manage cyber risks in an evolving environment.
  • The Cyber Incident Management Planning Guide (pdf) is a complementary tool for Dealers to prepare effective response plans for cyber threats and attacks.
  • The IIROC Cyber Program Governance Guide (pdf) is intended to provide IIROC dealer members with explicit guidance on how best to implement, manage and advance a cybersecurity program. This document should be read in conjunction with the previous guides. This Guide reflects the experience gained by both IIROC and dealer members in developing and implementing programs to counter cyber threats.
  • Fundamentals of Technology Risk Management (pdf) is a guide to help mainly small and medium-sized IIROC firms take the first steps towards assessing and managing technology risk. This guide provides some helpful information to IIROC firms on how to begin building a technology risk management program.

Welcome to CIRO.ca!

You can find the Canadian Investment Regulatory Organization (CIRO) at CIRO.ca with our fresh look and feel.

The following sections of the legacy mfda.ca and iiroc.ca sites have been migrated to ciro.ca:

  • Enforcement
  • Hearings
  • Consultations
  • A unified member directory (Dealers We Regulate)
  • Advisor Report

We will continue moving items off MFDA and IIROC in 2024. Stay tuned for future updates.