Lois et règlements codifiés
Lois codifiées
Règlements codifiés
Lois et règlements annuels
Lois annuelles
Règlements annuels
Information complémentaire
L’Éditeur officiel du Québec
Quoi de neuf?
Note d’information
Politique du ministre de la Justice
Lois : Modifications
Lois : Dispositions non en vigueur
Lois : Entrées en vigueur
Lois annuelles : Versions PDF depuis 1996
Règlements : Modifications
Règlements annuels : Versions PDF depuis 1996
Décisions des tribunaux
A-8.2, r. 0.1 - Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents
FrançaisArticle 10
Versions de la disposition
10. A financial institution or a credit assessment agent must maintain a current information security incident register that shall include, for each incident:
1° the date and time of the incident;
2° the location of the incident;
3° the nature of the incident;
4° a detailed description of the incident, including the information specified in paragraph 2 of section 9;
5° any injury caused by the incident;
6° any third parties involved in the incident;
7° actions taken;
8° whether the residual risk is accepted or not accepted and the rationale for accepting or not accepting it;
9° planned actions; and
10° the incident close date.
In force: 2025-04-23
10. A financial institution or a credit assessment agent must maintain a current information security incident register that shall include, for each incident:
1° the date and time of the incident;
2° the location of the incident;
3° the nature of the incident;
4° a detailed description of the incident, including the information specified in paragraph 2 of section 9;
5° any injury caused by the incident;
6° any third parties involved in the incident;
7° actions taken;
8° whether the residual risk is accepted or not accepted and the rationale for accepting or not accepting it;
9° planned actions; and
10° the incident close date.
