Difference between revisions of "Policy"

From wiki
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
 
{{Cloud Information Centre - Government of Canada}}
 
{{Cloud Information Centre - Government of Canada}}
 +
<b>
 +
</b>
 +
<!-- NAV -->
 +
<!-- Columns -->
 +
 +
{| width="100%" cellpadding="10"
 +
 +
|width="90%" style="color: black;" align="right" |
 +
<!-- COLUMN 1 STARTS: -->
 +
[[Template: Politique|Français]]
 +
<!-- COLUMN 1 ENDS: -->
 +
|width="10%" style="color: black; align=center" |
 +
 +
<!-- COLUMN 2 STARTS: -->
 +
 +
<!-- COLUMN 2 ENDS: -->
 +
 +
<!-- Columns -->
 +
|}
 +
 +
{| width="100%" cellpadding="10"
 +
|-valign="top"
 +
 +
|width="50%" style="color: black;" |
 +
<!-- COLUMN 1 STARTS: -->
 +
[[Image:Governance.jpg|250x250px|center |link=Governance]]
 +
<!-- COLUMN 1 ENDS: -->
 +
|width="50%" style="color: black;" |
 +
<!-- COLUMN 2 STARTS: -->
 +
[[Image:Cic.jpg|center|250x250px |link=GC_Cloud_Infocentre]]
 +
<!-- COLUMN 2 ENDS: -->
 +
|}
 
<span style="font-family: Century Gothic; font-size: 28pt;"><font color="#9F000F;">Policy Instruments</font><span>
 
<span style="font-family: Century Gothic; font-size: 28pt;"><font color="#9F000F;">Policy Instruments</font><span>
 
  
 
<big><big>The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.
 
<big><big>The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.
Line 42: Line 74:
  
 
===  Policies and Standards ===
 
===  Policies and Standards ===
::* Policy on Management of Information Technology
+
::*     [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12755 Policy on Management of Information Technology]
::* Policy on Government Security
+
::* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578 Policy on Government Security]
::* Direction for Electronic Data Residency, ITPIN No: 2017-02
+
::* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/direction-electronic-data-residency.html Direction for Electronic Data Residency, ITPIN No: 2017-02]
::* Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)
+
::* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/direction-secure-use-commercial-cloud-services-spin.html Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)]
  
 
=== Guidance ===
 
=== Guidance ===
::* Government of Canada Security Control Profile for Cloud-Based GC IT Services
+
::* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-computing/government-canada-security-control-profile-cloud-based-it-services.html Government of Canada Security Control Profile for Cloud-Based GC IT Services]
::* Government of Canada Cloud Security Risk Management Approach and Procedures
+
::* [https://cyber.gc.ca/en/guidance/baseline-security-requirements-network-security-zones-government-canada-itsg-22 Government of Canada Cloud Security Risk Management Approach and Procedures]
::* CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada
+
::* [https://cyber.gc.ca/en/guidance/baseline-security-requirements-network-security-zones-government-canada-itsg-22 CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada]
::* CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones
+
::* [https://cyber.gc.ca/en/guidance/network-security-zoning-design-considerations-placement-services-within-zones-itsg-38 CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones]
::* CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems
+
::* [https://cyber.gc.ca/en/guidance/user-authentication-guidance-information-technology-systems-itsp30031-v3 CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems]
::* CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols
+
::* [https://nam06.safelinks.protection.outlook.com/?url=https://www.cse-cst.gc.ca/en/node/1830/html/26507&data=02|01|Jamie.Hart@microsoft.com|7503434d3e8c4c8cc23808d68d7d1039|72f988bf86f141af91ab2d7cd011db47|1|0|636851965624128440&sdata=TDPmXQvqrn0jGPdERr3KmlsTo0WJVu646TgUe8ZpxNg%3D&reserved=0 CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols]
::* CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process
+
::* [https://cyber.gc.ca/en/guidance/cloud-service-provider-information-technology-security-assessment-process-itsm50100 CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process]
::* Guidance on Cloud Authentication for the Government of Canada
+
::* [https://intranet.canada.ca/wg-tg/cagc-angc-eng.asp Guidance on Cloud Authentication for the Government of Canada]
::* Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain
+
::* [https://intranet.canada.ca/wg-tg/rtua-rafu-eng.asp Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain]
::* GC Event Logging Strategy (Draft)
+
::* [https://www.gcpedia.gc.ca/gcwiki/images/e/e3/GC_Event_Logging_Strategy.pdf GC Event Logging Strategy (Draft)]
::* Standard Operating Procedure for GC Cloud Event Management
+
::* [https://www.gcpedia.gc.ca/gcwiki/images/5/5f/GC_Cloud_Event_Management_Standard_Operating_Procedure.pdf Standard Operating Procedure for GC Cloud Event Management]
::* Security Playbook for Information System Solutions
+
::* [https://www.gcpedia.gc.ca/gcwiki/images/a/a8/Security_Playbook_for_Information_System_Solutions.pdf Security Playbook for Information System Solutions]
  
 
=== Tools & Templates ===
 
=== Tools & Templates ===
Line 68: Line 100:
  
 
== Cloud Security Initiative ==
 
== Cloud Security Initiative ==
Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security inititative [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security Intiative]  
+
Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security initiative [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security Initiative]  
 
</big></big>
 
</big></big>
 
{{GC Cloud Information Centre Footer}}
 
{{GC Cloud Information Centre Footer}}
 
__FORCETOC__
 
__FORCETOC__

Latest revision as of 00:19, 8 April 2020


Banne cloud.jpg



Français


Governance.jpg
Cic.jpg

Policy Instruments

The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.

Strategic Plan

Policy and Directive

Standards and Guidelines

Cloud Security

Policies and Standards

Guidance

Tools & Templates

Cloud Security Initiative

Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security initiative Cloud Security Initiative