07 — Service

OSFI B-13 & ITSG-33 Advisory

Specialist advisory for Canadian federally regulated financial institutions (OSFI Guideline B-13) and federal departments and agencies (CCCS ITSG-33) — delivered by consultants with direct sector experience.

Overview

Sector-specific support for federally regulated financial institutions (OSFI Guideline B-13) and federal departments (CCCS ITSG-33). Control implementation, third-party risk programs, cyber resilience testing and authority-to-operate (ATO) support.

Our Methodology

01
Maturity assessment — against B-13 domains or ITSG-33 control families.
02
Control implementation — policy, process and technical changes mapped to the relevant guideline.
03
Third-party risk programme — for FRFIs, including critical third-party concentration analysis.
04
Cyber resilience testing — scenario-based exercises and technical resilience validation.
05
ATO / examination support — evidence packaging and direct engagement with OSFI examiners or CCCS authorities.

What You Receive

Maturity assessment report with target-state roadmap.
Control implementation documentation and evidence library.
Third-party risk register (FRFIs) or Security Assessment Report (federal).
Tabletop exercise reports and resilience test findings.
Examination/ATO support pack.

Frequently Asked Questions

Ready to strengthen your security posture?

Discuss this engagement

Next service

Penetration Testing

OSFI B-13 & ITSG-33 Advisory

Overview

Our Methodology

What You Receive

Frequently Asked Questions

Do you have CCCS-cleared consultants?

Can you support OSFI examination preparation?

Do you work with credit unions and provincially regulated firms?

Ready to strengthen your security posture?