IT disaster recovery, cloud computing and information security news

Canada’s Office of the Superintendent of Financial Institutions (OSFI) has published its final Guideline B-13, which sets out OSFI's expectations for how federally regulated financial institutions (FRFIs) should manage technology and cyber risks such as data breaches, technology outages and more.

Guideline B-13 is organized around three ‘domains’, each of which sets out key components for sound risk management. The domains are:
Governance and Risk Management, Technology Operations and Resilience, and Cyber Security.

Regulated entities have until January 1, 2024, to comply, to give sufficient time to self-assess and put appropriate processes in place.

Guideline B-13 is the product of an extensive consultation process, starting with the September 2020 publication of a discussion paper and a consultation period from September to December 2020. Following the release of OSFI's draft Guideline B-13 in November 2021, OSFI further consulted on its proposed guidance regarding technology and cyber risk from November 2021 to February 2022.

Guideline B-13 is complemented by OSFI's existing guidance and tools, including the Corporate Governance Guideline, Guideline E‑21 (Operational Risk Management), the revised draft Guideline B‑10 (Third-Party Risk Management), the Technology and Cyber Security Incident Reporting Advisory and the Cyber Security Self-Assessment tool.

More details.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.