New Alberta Regulation Sets May 31 Deadline for Critical Infrastructure Security Compliance
A major change is coming for Alberta’s critical infrastructure operators.
Effective May 31, 2025, the Security Management for Critical Infrastructure Regulation (AR 84/2024) comes into force. This new provincial regulation requires owners of designated petroleum and natural gas infrastructure to implement a Security Management Program (SMP) that aligns with the national CSA Z246.1:21 standard.
What Does This Mean for Your Business?
The CSA Z246.1:21 standard outlines specific requirements that must be integrated into your operations, including:
Defined security governance and accountability
Asset characterization and threat assessments
Documented risk mitigation strategies
Physical and cybersecurity protocols
Personnel screening and access controls
Incident response and review procedures
These requirements are not optional. The regulation applies regardless of your company’s size or the number of assets you operate. Failing to comply may result in penalties or increased liability exposure in the event of a security incident.
How Ammolite Security Can Help
Meeting the CSA Z246.1:21 standard requires more than just policy updates. It demands a structured, auditable approach to securing your infrastructure—and that’s where we come in.
Ammolite Security offers:
Comprehensive gap assessments against CSA Z246.1:21
Full Security Management Program development
Cyber and physical threat modeling
Incident response planning and tabletop exercises
Regulatory audit preparation and support
Act Now - The Deadline is Approaching
The May 31st enforcement date is fast approaching. Now is the time to ensure your organization is prepared, protected, and compliant.
Let’s build a security program that meets regulatory requirements and strengthens your organization’s resilience.