Policy

Revision as of 13:50, 30 January 2020 by Emilie.salinas (talk | contribs)


Banne cloud.jpg



Policy Instruments


The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.

Strategic Plan

Policy and Directive

Standards and Guidelines

Cloud Security

Policies and Standards

  • Policy on Management of Information Technology
  • Policy on Government Security
  • Direction for Electronic Data Residency, ITPIN No: 2017-02
  • Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)

Guidance

  • Government of Canada Security Control Profile for Cloud-Based GC IT Services
  • Government of Canada Cloud Security Risk Management Approach and Procedures
  • CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada
  • CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones
  • CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems
  • CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols
  • CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process
  • Guidance on Cloud Authentication for the Government of Canada
  • Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain
  • GC Event Logging Strategy (Draft)
  • Standard Operating Procedure for GC Cloud Event Management
  • Security Playbook for Information System Solutions

Tools & Templates

Cloud Security Initiative

Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security inititative Cloud Security Intiative