Policy Bulletin 708

Number: 708
In effect: 2023-12-18

• Commissioner's Directive (CD) 225 - Information Technology Security
• Commissioner's Directive (CD) 226 - Use of Electronic Resources

Why were these policies changed?

CD 225 and CD 226 were amended to incorporate new information technology (IT) security direction as a result of the publication of the Treasury Board Secretariat’s (TBS’s) Policy on Service and Digital.

Changes were also made to better align the policies with the new IT security reporting structure and provide clarification and updated information in the Responsibilities and Procedures sections. .

What has changed?

Throughout both policies, the following changes have been made:

• The position of Departmental Security Officer was changed to Deputy Chief Security Officer to align with TBS’s policy.
• The position of IT Security Coordinator was changed to Designated Official for Cyber Security to align with
  TBS’s policy.
• The role and responsibilities of the Regional Manager, IT Security, are now part of IT Security and references to the Regional Manager, IT Security, were removed.
• References to the Treasury Board’s Policy on Acceptable Network and Device Use were updated to refer to the TBS’s Policy on Service and Digital.
• Minor editorial changes were made throughout the documents.

---

CD 226 – Use of Electronic Resources

• The process for reporting IT security incidents was updated to streamline the process.

How were they developed?

These policies were revised by the IT Security Division, in collaboration with the Strategic Policy Division.

Accountabilities?

Roles and responsibilities are detailed in the policy documents.

Who will be affected by the policies?

All individuals who have been authorized to use CSC’s information systems, services or electronic information.

Other impacts?

N/A

Contact

Strategic Policy Division
Policy-Politiques.GEN-NHQ@csc-scc.gc.ca

Commissioner,
Anne Kelly