Please choose between the following three options for navigation.
This is your source for CPA Canada's tools and resources related to cybersecurity.
In today's fast-paced, highly connected business environment, various aspects of an organization's business activities are carried out in "cyberspace." Cyberspace is where people and organizations create an electronic presence and engage in virtual activities, exchanging information, products, and services through the Internet.
While operating in cyberspace offers many advantages, it also makes organizations vulnerable to cyber attacks. These threats apply to all organizations, including:
The term "cybersecurity" refers broadly to the processes and practices in place to protect computer systems and data from threats originating in cyberspace. Accountability for aspects of cybersecurity may fall across many areas of an organization.
Given the significant reputational, operational, financial, legal, and regulatory implications of recent high-profile data breaches, investors and other stakeholders are increasingly interested in understanding an organization's exposure to cybersecurity risk and the related policies, processes, and controls it has in place to address this risk.
CPA Canada is committed to supporting its members through various tools and resources to promote awareness and understanding of cybersecurity risks:
Cyber Security: Establishing a Risk Management Program and Reassessing Disclosure Practices
Learn about considerations for the management of all entities in developing a cyber security risk management program, and obtain an update on the current disclosure environment for registrants and reporting issuers.
Cyber Security Risks and Incidents: Reassessing Your Disclosure Practices
This reporting alert provides an update of recently issued guidance by Canadian securities regulators on the disclosure of cyber security risks and incidents.
IT Security Practices
Mobile technology, cloud computing and bring your own device (BYOD) policies have created new securities issues and concerns for information technology (IT). Learn the benefits, issues and risk-management strategies for good security practices.
Managing Cybersecurity Risk: How to Get Started
Get an overview of the top cybersecurity risks Canadian organizations are facing today and practical steps you can take to protect your organization from a cybersecurity breach.
Cybersecurity Disclosure Study: Key Highlights
What are Canadian companies disclosing about cybersecurity risks and incidents? CPA Canada and EY teamed up to study the 2019 cyber-related disclosures of 60 TSX listed companies. This report outlines some key findings.
Cybersecurity Practices and Reporting Trends (webinar)
As many organizations have learned, cyberattacks are no longer a matter of if, but when. Learn how evolving challenges around cybersecurity-related risks and incidents have placed focus on enhanced communication through disclosures.
On the Radar: A Cybersecurity Bulletin for Directors
This bulletin provides valuable insights into five pressing cybersecurity and privacy themes directors must be aware of to help them oversee modern cyber risks. Topics include the internet of things, mandatory disclosure, third-party risk, privacy and more.
CPA Canada Guide – SOC for Cybersecurity
A non-authoritative guide originally published by the AICPA and adapted for Canadian standards. This guide is for practitioners engaged to report on an entity's cybersecurity risk management program and controls.
It’s said that a crisis brings out the best in people and, in most cases, that’s true. But there is a dark side to tough times, as fraudsters prey on people who are uncertain and looking for easy answers.
March 18, 2020
The federal government’s actions and fiscal support to address the widespread and devastating economic fallout of the COVID-19 pandemic are welcomed by Chartered Professional Accountants of Canada (CPA Canada).
Listen to this special edition Practitioner’s Pulse webinar where we answer some frequently asked questions around practice management issues and some key financial reporting and auditing implications of COVID-19.