Changes

2,528 bytes added , 01:19, 8 April 2020

no edit summary

Line 1: Line 1: +

+

+

+

+

+

{| width="100%" cellpadding="10"

+

|width="90%" style="color: black;" align="right" |

+

+

[[Template: Politique|Français]]

+

+

|width="10%" style="color: black; align=center" |

+

+

+

+

|}

+

{| width="100%" cellpadding="10"

+

|-valign="top"

+

|width="50%" style="color: black;" |

+

+

[[Image:Governance.jpg|250x250px|center |link=Governance]]

+

+

|width="50%" style="color: black;" |

+

+

[[Image:Cic.jpg|center|250x250px |link=GC_Cloud_Infocentre]]

+

+

|}

Policy Instruments

−

<big><big>The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.

Line 42: Line 74:

=== Policies and Standards ===

−

::* Policy on Management of Information Technology

+

::* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12755 Policy on Management of Information Technology]

−

::* Policy on Government Security

+

::* [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578 Policy on Government Security]

−

::* Direction for Electronic Data Residency, ITPIN No: 2017-02

+

::* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/direction-electronic-data-residency.html Direction for Electronic Data Residency, ITPIN No: 2017-02]

−

::* Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)

+

::* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/direction-secure-use-commercial-cloud-services-spin.html Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)]

=== Guidance ===

−

::* Government of Canada Security Control Profile for Cloud-Based GC IT Services

+

::* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-computing/government-canada-security-control-profile-cloud-based-it-services.html Government of Canada Security Control Profile for Cloud-Based GC IT Services]

−

::* Government of Canada Cloud Security Risk Management Approach and Procedures

+

::* [https://cyber.gc.ca/en/guidance/baseline-security-requirements-network-security-zones-government-canada-itsg-22 Government of Canada Cloud Security Risk Management Approach and Procedures]

−

::* CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada

+

::* [https://cyber.gc.ca/en/guidance/baseline-security-requirements-network-security-zones-government-canada-itsg-22 CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada]

−

::* CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones

+

::* [https://cyber.gc.ca/en/guidance/network-security-zoning-design-considerations-placement-services-within-zones-itsg-38 CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones]

−

::* CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems

+

::* [https://cyber.gc.ca/en/guidance/user-authentication-guidance-information-technology-systems-itsp30031-v3 CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems]

−

::* CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols

+

::* [https://nam06.safelinks.protection.outlook.com/?url=https://www.cse-cst.gc.ca/en/node/1830/html/26507&data=02|01|Jamie.Hart@microsoft.com|7503434d3e8c4c8cc23808d68d7d1039|72f988bf86f141af91ab2d7cd011db47|1|0|636851965624128440&sdata=TDPmXQvqrn0jGPdERr3KmlsTo0WJVu646TgUe8ZpxNg%3D&reserved=0 CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols]

−

::* CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process

+

::* [https://cyber.gc.ca/en/guidance/cloud-service-provider-information-technology-security-assessment-process-itsm50100 CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process]

−

::* Guidance on Cloud Authentication for the Government of Canada

+

::* [https://intranet.canada.ca/wg-tg/cagc-angc-eng.asp Guidance on Cloud Authentication for the Government of Canada]

−

::* Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain

+

::* [https://intranet.canada.ca/wg-tg/rtua-rafu-eng.asp Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain]

−

::* GC Event Logging Strategy (Draft)

+

::* [https://www.gcpedia.gc.ca/gcwiki/images/e/e3/GC_Event_Logging_Strategy.pdf GC Event Logging Strategy (Draft)]

−

::* Standard Operating Procedure for GC Cloud Event Management

+

::* [https://www.gcpedia.gc.ca/gcwiki/images/5/5f/GC_Cloud_Event_Management_Standard_Operating_Procedure.pdf Standard Operating Procedure for GC Cloud Event Management]

−

::* Security Playbook for Information System Solutions

+

::* [https://www.gcpedia.gc.ca/gcwiki/images/a/a8/Security_Playbook_for_Information_System_Solutions.pdf Security Playbook for Information System Solutions]

=== Tools & Templates ===

Line 68: Line 100:

== Cloud Security Initiative ==

−

Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security ~~inititative~~ [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security ~~Intiative~~]

+

Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security initiative [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security Initiative]

</big></big>

__FORCETOC__

Emilie.salinas

429

edits

Changes

Policy (view source)

Revision as of 01:19, 8 April 2020

Navigation menu

Search