Policy
POLICY INSTRUMENTS
The Treasury Board Secretariat (TBS) had developed a set of policy instruments that provide the necessary policy guidance to enable smooth cloud adoption across the Government of Canada.
Strategic Plan
Digital Operations Strategic Plan: 2018-2022
Government of Canada Strategic Plan for Information Management and Information Technology 2017-2021
Government of Canada Cloud Adoption Strategy: 2018 update
Policy and Directive
Policy on Service and Digital
Directive on Service and Digital
Policy on Management of Information Technology
Policy Framework for Information and Technology
Policy on Information Management
Directive on Automated Decision-Making
Standards and Guidelines
Digital Standards
Standards on Application Programming Interfaces (APIs)
Government of Canada right cloud selection guidance
Government of Canada cloud security risk management approach and procedures
Government of Canada Security Control Profile for Cloud-based GC Services
Government of Canada White Paper: Data Sovereignty and Public Cloud
Security and identity management guidance
Directives, standards, guidelines and publications related to security
Secure use of cloud services
How to put in place secure cloud solutions.
Recommended controls for cloud-based services
How to secure, manage, and use cloud services.
Using electronic signatures
Guidance on using electronic signatures in support of the GC’s day-to-day business activities.
Secure electronic signature regulations
Getting a valid electronic signature.
Public key infrastructure
Guideline on creating public keys for secure identity management
Password management guidance
How government services should manage user passwords
Privacy Impact Assessment Summaries
Privacy Impact Assessments (PIAs)
Choosing the right cloud service
Find out which cloud deployment model is right for your organization.
Data residency requirements
Understand the Government of Canada’s requirements for the storage of data within Canada.
Secure use of cloud services
How to put in place secure cloud solutions.
Risk-management for cloud-based services
Protect cloud services by ensuring that the proper security controls are in place.
Data sovereignty in cloud environments
Assessing the risks of foreign governments accessing Canadian data in the cloud.
