Difference between revisions of "Policy"

From wiki
Jump to navigation Jump to search
Line 11: Line 11:
  
 
== Policy and Directive ==
 
== Policy and Directive ==
* Policy on Service and Digital
+
* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32603 Policy on Service and Digital]
* Directive on Service and Digital
+
* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601 Directive on Service and Digital]
* Policy on Management of Information Technology
+
* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601 Policy on Management of Information Technology]
* Policy Framework for Information and Technology
+
* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601 Policy Framework for Information and Technology]
* Policy on Information Management
+
* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12742 Policy on Information Management]
* Directive on Automated Decision-Making
+
* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32592 Directive on Automated Decision-Making]
  
 
== Standards and Guidelines ==
 
== Standards and Guidelines ==
* Digital Standards
+
* [https://www.canada.ca/en/government/system/digital-government/government-canada-digital-standards.html Digital Standards]
* Standards on Application Programming Interfaces (APIs)
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/government-canada-standards-apis.html Standards on Application Programming Interfaces (APIs)]
* Government of Canada right cloud selection guidance
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/government-canada-right-cloud-selection-guidance.html Government of Canada right cloud selection guidance]
* Government of Canada cloud security risk management approach and procedures
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/cloud-security-risk-management-approach-procedures.html Government of Canada cloud security risk management approach and procedures]
* Government of Canada Security Control Profile for Cloud-based GC Services
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/government-canada-security-control-profile-cloud-based-it-services.html Government of Canada Security Control Profile for Cloud-based GC Services]
* Government of Canada White Paper: Data Sovereignty and Public Cloud
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/gc-white-paper-data-sovereignty-public-cloud.html Government of Canada White Paper: Data Sovereignty and Public Cloud]
* Security and identity management guidance - Directives, standards, guidelines and publications related to security  
+
* Secu[https://www.canada.ca/en/treasury-board-secretariat/services/access-information-privacy/security-identity-management.html rity and identity management guidance - Directives, standards, guidelines and publications related to security]
 
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/direction-secure-use-commercial-cloud-services-spin.html Secure use of cloud services - How to put in place secure cloud solutions.]
* Secure use of cloud services - How to put in place secure cloud solutions.  
+
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/government-canada-security-control-profile-cloud-based-it-services.html Recommended controls for cloud-based services - How to secure, manage, and use cloud services.]
 
 
* Recommended controls for cloud-based services - How to secure, manage, and use cloud services.  
 
 
* Using electronic signatures - Guidance on using electronic signatures in support of the GC’s day-to-day business activities.
 
* Using electronic signatures - Guidance on using electronic signatures in support of the GC’s day-to-day business activities.
 
* Secure electronic signature regulations - Getting a valid electronic signature.
 
* Secure electronic signature regulations - Getting a valid electronic signature.

Revision as of 14:08, 28 January 2020


Banne cloud.jpg



Policy Instruments


The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.

Strategic Plan

Policy and Directive

Standards and Guidelines

  • Risk-management for cloud-based services
  • Protect cloud services by ensuring that the proper security controls are in place.
  • Data sovereignty in cloud environments - Assessing the risks of foreign governments accessing Canadian data in the cloud.