About Cyber Security Canada
The Cyber Security Canada team includes a range of certified professionals in the following fields:
- Penetration Testing
- Security Compliance ISO 27001, CSC etc.
- Incident Response Plans
- CyberSecure Canada Certification
- Business Continuity
Our protection services secure your data by first assessing vulnerabilities and validating security controls through a comprehensive audit of your network infrastructure. This may include penetration testing or “ethical hacking.”
Next, we analyze your security requirements and work with your IT staff to implement the appropriate security controls.
Even with the best security, there are still risks. Should you get hacked – a security or privacy breach – we provide the 24×7 response services and expertise to minimize business, financial and reputation loss.
We guide you through the steps to keep your company safe, secure, compliant and profitable.
Public Policy Statement
Cyber Security Canada, its Top Management, Managers, Staff and others involved in the Certification of Management Systems fully understand the importance of impartiality in undertaking its Certification Activities.
Cyber Security Canada will therefore ensure that in its dealings with clients or potential clients, all employees or other personnel involved in Certification Activities are, and will remain, impartial.
To ensure that impartiality is both maintained and can be demonstrated, Cyber Security Canada has identified and risk assessed all relationships which may result in a conflict of interest or pose a threat to impartiality.
We are currently working on our ISO-17021-1 Accreditation and expect it to be completed in early 2021.
INFORMATION ON THE CERTIFICATION ACTIVITY AND REQUIREMENTS
Cyber Security Canada will provide and update clients on the following:
- A detailed description of the initial and continuing certification activity, including the application, initial audits, and the process for granting, maintaining, reducing, extending, suspending, withdrawing certification and recertification.
- The normative reference for certification
- Information about the fees for application, initial certification and continuing certification
- Cyber Security Canada requirements for prospective clients to:
  - Comply with certification requirements,
  - Make all necessary arrangements for the conduct of the audits, including provision for examining documentation and the access to all processes and areas, records and personnel for the purposes of initial certification, surveillance and resolution of complaints, and
  - Make provisions, where applicable, to accommodate the presence of observers (e.g. accreditation auditors or trainee auditors)
- Documents describing the rights and duties of certified clients, including requirements, when making reference to its certification in communication of any kind in line with the requirements in for the use of certification marks.
- Information on procedures for handling complaints and appeals.
The audit plan is appropriate to the objectives and the scope of the audit.
The audit plan includes at least the following:
- The audit objectives;
- The audit criteria;
- The audit scope, including identification of the organizational and functional units or processes to be audited;
- The dates and sites where the on-site audit activities (if applicable) are to be conducted, including visits to temporary sites, as appropriate;
- The expected time and duration of on-site audit activities;
- The roles and responsibilities of the audit team members and accompanying persons, such as observers or interpreters.