5,736 bytes added
, 08:36, 14 April 2021
<div class="center"><div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">[[File:JoinusonGCconnex.png|link=http://gcconnex.gc.ca/groups/profile/2785549/gc-enterprise-security-architecture-gc-esa]]<br />[[File:ESAcontactus.png|link=mailto:ZZTBSCYBERS@tbs-sct.gc.ca]]</div> [[File:GOC ESA.jpg|center|link=http://www.gcpedia.gc.ca/wiki/Government_of_Canada_Enterprise_Security_Architecture_(ESA)_Program]] <div class="center">
{| style="border: 2px solid #000000; border-image: none;" width="1000px"
|-
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="175px" | [[Government of Canada Enterprise Security Architecture (ESA) Program|ESA Program Overview]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[ESA Backgrounder (Strategy)|ESA Foundation]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[ESA Requirements|ESA Artifacts]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[Cloud Security Initiative|ESA Initiatives]]
! style="background: #C495F0; color: black" width="20%" scope="col" " width="125px" | [[ ESA Tools and Templates]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[GC ESA Artifact Repository|ESA Reference Materials]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="100px" | [[ESA Glossary| Glossary]]
|}
{| style="border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1000px"
|-
! style="background: #c2c2fa; color: black" width="14%" scope="col" | [[ESA Tools|Tools]]
! style="background: #9a9af8; color: black" width="14%" scope="col" | [[ESA Template Guides|Templates]]
|} </div></div>{{TOCright}}
== Introduction ==
On this page you will find templates for some of the artifacts in the ESA Program. Additionally, user guides are included with some of the templates and can be found in the far right column.<br>
{| class="wikitable"
!Name
!Description
!Template Link
!User Guide Link (if applicable)
|-
|'''Concept of Operations Template'''
|A concept of operations (ConOps) presents the organization’s business domain, related information systems (both existing and future), and the long-term strategic plan for the evolution of both the business and systems in meeting the organization’s goals and objectives. ConOps should be written outside of IT projects; however, if one is to be produced as part of a project, then it should be written relatively early in the project life cycle process.
|[[Media:GC ESA Concept of Operations (ConOps) Template.docx|ConOps Template]]
|[[Media:GC ESA Guide for ConOps and SysCon Document Templates.pdf|User Guide]]
|-
|'''System Operational Concept Template'''
|The system concept (SysCon)* is a document that is developed in support of the implementation of, or a significant change to, a specific information system. A SysCon describes in user terms specific characteristics of a new information system, or of the changes required for an existing one. As a requirements engineering tool, the SysCon aids in eliciting requirements from stakeholders. There is always value in developing a SysCon for a project even when there is no related ConOps. The SysCon should be developed during the conceptual phase of the project life cycle process.
''*This document is equivalent to what ISO 29148 refers to as a system operational concept or OpsCon. To avoid any confusion with the ConOps, the term system concept and the abbreviation SysCon are used instead.''
|[[Media:GC ESA System Concept (SysCon) Document Template.docx|SysCon Template]]
|[[Media:GC ESA Guide for ConOps and SysCon Document Templates.pdf|User Guide]]
|-
|'''Security Guide for the Installation of Information System Interconnections (Including template)'''
|This guide provides guidance to GC departments and agencies for the secure installation of interconnections between GC information systems and between GC information systems and external information systems. This guide is based on the National Institute of Standards and Technology Security Guide for Interconnecting Information Technology Systems (NIST Special Publication 800-47).
|[[Media:GC ESA Security Guide for Installation of Interconnections.docx|Interconnection Security Agreement Template]]
|[[Media:GC ESA Security Guide for Installation of Interconnections.docx|User Guide]]
|-
|'''ESA Project Charter Template with Security'''
|The TBS Project Charter template has been updated to support departments and agencies integrate IM/IT security related roles into the project from the very beginning.
|[[Media:GC_ESA_Project_Charter_Template.docx|Project Charter Template]]
|
|-
|'''ESA Project Plan Template with Security'''
|The project plan is the controlling document to manage an Information Management/Information Technology (IM/IT) project. This template has been updated to support departments and agencies identify and integrate security activities into the project plan.
|[[Media:GC_ESA_Project_Plan_Template.docx|Project PlanTemplate]]
|
|-
|'''ESA Risk Register Template'''
|The Risk Register is the document containing the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning. The risk register details all identified risks, including description, category, cause, probability of occurring, impact on objectives, proposed responses, owners, and current status. It is a spreadsheet containing all the statements of risk identified for the project.
|[[Media:IT_Security_Risk_Register_v1.0.xlsm|Risk RegisterTemplate]]
|
|}
[[Category:Enterprise Security Architecture]]