.jpg)
This Guide was developed as a high-level document, through independent research, discussions and consultations with various firms1 . The objective of this guide is to help mainly small and medium-sized IIROC firms take the first steps towards assessing and managing technology risk. For larger IIROC firms, technology risk management is generally incorporated within a formalized enterprise risk management (ERM) framework that includes an internal audit function to validate the firm’s governance, risk and controls.
Click here for full details.
