theCISO.ca

Available in Canada + the United States

Same proven approach, delivered remotely or on-site as needed. Ideal for teams that want executive clarity, fast execution, and evidence-ready outcomes.

Canada (CAD)

Pricing is based on a $1,500 CAD/day rate. Invoices can be issued in CAD.

United States (USD)

US engagements can be invoiced in USD (FX-aligned). Scope and deliverables remain identical.

Cross‑border compliance

Support for SOC 2, ISO 27001, vendor risk, and board reporting across Canadian and US stakeholder expectations.

Home / Packages / Fractional Retainer

Fractional CISO Retainer (Monthly)

Ongoing security leadership, governance, and execution oversight. Best for teams that need a CISO-level operator without a full-time hire.

Book 15-minute call edc@theciso.ca

What you get monthly

  • Leadership
    Security strategy tied to business outcomes and capacity.
  • Governance
    Executive reporting, steering committees, and risk decisions.
  • Oversight
    Roadmap execution tracking, vendor negotiations, tool rationalization.
  • Readiness
    Incident response planning, tabletop exercises, and resilience updates.

Pricing

Retainers are sized to your needs and run at CAD 1,500/day.

DeliverableWhat you get
Light (4 days/month)CAD 6,000/month — governance + reporting + advisory.
Standard (8 days/month)CAD 12,000/month — leadership + oversight + execution support.
Intensive (12+ days/month)CAD 18,000/month and up — programs, transformations, or heavy audits.
Tip: Many teams start with the 4-week Snapshot, then convert into a monthly retainer with a clear roadmap.

Typical monthly deliverables

DeliverableWhat you get
Monthly exec reportTop risks, progress against roadmap, decisions needed, and KPIs.
Risk register updatesOwners, due dates, and changes in likelihood/impact as controls ship.
Vendor posture reviewsTool tuning, renewal decisions, and procurement alignment.
Security leadership coachingEnable your IT leaders and engineers to own security-first outcomes.
Incident readiness touchpointsRunbook updates and response coordination.
Book 15 minutes See the full service

Explore the Security Topics That Move the Needle

Clear internal structure for humans and search engines — and a practical path from priority to measurable outcome.

AI Governance & Security
Shadow AI, model risk, prompt injection, and data leakage controls — built for auditability.
PolicyVisibilityGuardrailsAuditability
GRC That Executives Can Run
Risk, controls, evidence, and board-ready reporting — without fire drills.
BoardEvidenceKPIsFrameworks
IAM, RBAC & IGA
Least privilege, lifecycle automation, and measurable reduction in identity risk.
Least privilegeIGAPAMReviews
SASE & CASB Guardrails
Modern access + SaaS data controls that don’t break the business.
ZTNACASBDLPSaaS
Vendor Risk & Integrations
Scale third‑party reviews, secure integrations, and reduce SaaS risk as you grow.
Third-partySSO/SCIMLoggingAPIs
Packages
Time‑boxed outcomes: board risk snapshot, 90‑day foundation, and ongoing fractional CISO.
4 weeks90 daysRetainerOutcomes

Latest Cybersecurity News

See more →
Loading…
Loading latest headlines.
Loading…
Loading latest headlines.
Loading…
Loading latest headlines.
Loading…
Loading latest headlines.