Lois et règlements codifiés
Lois codifiées
Règlements codifiés
Lois et règlements annuels
Lois annuelles
Règlements annuels
Information complémentaire
L’Éditeur officiel du Québec
Quoi de neuf?
Note d’information
Politique du ministre de la Justice
Lois : Modifications
Lois : Dispositions non en vigueur
Lois : Entrées en vigueur
Lois annuelles : Versions PDF depuis 1996
Règlements : Modifications
Règlements annuels : Versions PDF depuis 1996
Décisions des tribunaux
A-8.2, r. 0.1 - Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents
FrançaisArticle 5
Versions de la disposition
5. Where an information security incident with potentially adverse impacts is reported to the officers or, where applicable, the managers of a financial institution or a credit assessment agent, the financial institution or the credit assessment agent must, not later than 24 hours from the time the incident is so reported, notify the Authority of the incident.
The financial institution or the credit assessment agent must, within that same period, also notify the Authority of any information security incident that has been reported or been the subject of a notice to a regulatory body, a person or a body responsible under law for the prevention, detection or repression of crime or statutory offences or contractually responsible for providing compensation for injury that may have been caused by the incident.
In force: 2025-04-23
5. Where an information security incident with potentially adverse impacts is reported to the officers or, where applicable, the managers of a financial institution or a credit assessment agent, the financial institution or the credit assessment agent must, not later than 24 hours from the time the incident is so reported, notify the Authority of the incident.
The financial institution or the credit assessment agent must, within that same period, also notify the Authority of any information security incident that has been reported or been the subject of a notice to a regulatory body, a person or a body responsible under law for the prevention, detection or repression of crime or statutory offences or contractually responsible for providing compensation for injury that may have been caused by the incident.
