The Privacy Commissioner of Canada, together with Offices of the Information and Privacy Commissioners of British Columbia and Alberta, created the document, Is a Bring Your Own Device (BYOD) Program the Right Choice for Your Organization? in 2015 that is still relevant today.
CASL compliance has turned to a new group of actors: the service and infrastructure providers that spammers and fraudsters utilize to perpetrate CASL offences.
Should we give up auditing information security and the management of cyber risk? Not at all. But we should do so with eyes wide open. We should recognize the limitations of our knowledge, tools and techniques and the likelihood that hackers have new techniques that are unknown both to auditors and management.