Government of Canada Digital Standards: Playbook
Improving government services in the Digital Age
Our goal is to provide public services to Canadians which are simple to use and trustworthy. The Government of Canada’s Digital Standards form the foundation of the government’s shift to becoming more agile, open, and user-focused. They will guide teams in designing digital services in a way that best serves Canadians.
These digital standards were co-created with the public and key stakeholder groups. They are living standards and they will continue to evolve over time as we better understand the complexities involved in putting them into practice.
This guidance is aspirational. It does not reflect how the government currently operates. This guidance outlines ways of working, or behaviours, that align with the Digital Standards (the Standards). While teams are not expected to, at present, strongly align with the following guidance, teams are expected to assess their own and others’ behaviours and work to better align with this guidance.
Teams are encouraged to note any questions they have, as well as any challenges they encounter while trying to align with the Standards. The Digital Change Sector at TBS is available to help teams with coaching, advice and learning opportunities, including connecting colleagues with experience and expertise on the Digital Standards. What is the story of your journey to align your work to the Government of Canada Digital Standards?
These Standards were co-created with the public and key stakeholder groups. They are living standards and will continue to evolve over time as we better understand the complexities involved in putting them into practice.
This guidance does not include implementation details, such as specific frameworks of methodologies. For specifics, please refer to existing policy instruments, such as the Policy on Service and Digital.
Each standard includes a definition of that standard, followed by lists of aligned and misaligned behaviours. These lists are not exhaustive.
- Aligned behaviours: examples of behaviours that align with the Standards
- Misaligned behaviours: examples of behaviours that go against the spirit of the Standards
- provision of a specific final output that addresses one or more needs of an intended recipient and contributes to the achievement of an outcome.
- a group of people who work together daily over prolonged periods of time and have their work prioritized by the same person.
- Data Steward:
- Data users who implement enterprise data governance and principles to control the use and maintenance of data assets.
Design with users
Research with users to understand their needs and the problems we want to solve. Conduct ongoing testing with users to guide design and development.
Guidance: Design with users
Services should be built to address the needs of users, not the internal constraints or complexities of government. To deliver value to users, teams must understand and prioritize users’ needs. Everything is a hypothesis until it is tested with the users.Footnote 1
Teams must validate their hypotheses and assumptions through direct and frequent interactions with those who will be using the services. Users may be members of the public, government employees, or a combination of both. Users will come from diverse backgrounds and vary in location, experience, knowledge, and abilities. Therefore, teams should design services with the needs of all users in mind.
When designing services, teams must take a holistic approach to service delivery – from each member’s individual contributions to the end goal, as defined by the users.
- Our team uses end-user feedback to establish the requirements of our service(s).
- Our team has processes or tools in place to incorporate user feedback, including anonymous user feedback, into the design of the service.
- Our team conducts user research before deciding on how to implement the service.
- Our team has tested our primary systems with a wide range of users, including users with varying needs and diverse backgrounds.
- Our team considers user needs and feedback when defining key service metrics.
- Our team uses automation to anticipate and detect operational or quality-of-service issues before our users tell us.
- Our team includes, or has direct access to, the expertise required to conduct user research and usability testing.
- Our team builds our service based on the requirements outlined in extensive documentation.
- Our team does not involve internal or external users to collaborate on the service design.
- The technical development resources or IT senior management prioritize features.
- Senior management dictates how our team prioritizes tasks.
- Senior executives and teams rely exclusively on desk-based research or other proxy sources of information to inform policy, program and service design.
Iterate and improve frequently
Develop services using agile, iterative and user-centred methods. Continuously improve in response to user needs. Try new things, start small and scale up.
Guidance: Iterate and improve frequently
In contrast to high-risk, long lead, big bang deployments, working services must be in the hands of users as early as possible to get rapid feedback. That feedback is then used to iterate upon to improve the service.Footnote 2
Teams set a “north star” to define a clear direction, then begin iterating towards that goal. They must keep in mind that the path is not clear, and unexpected circumstances will require adjustments along the way. By using modern technologies and modern approaches to working, teams can reduce risk by limiting the size of changes and increasing their frequency.
Processes should empower teams to deliver value to services as often as possible. But these processes should not increase risk by using documentation in place of demonstrably functioning software, creating prolonged processes. Focus on working software over comprehensive documentationFootnote 3 and remember that perfect is the enemy of good.
- There are processes in place to prioritize and implement feedback from peers, stakeholders and end-users.
- When a new or updated service or feature is being created, our team understands the minimum requirements for the system to be of value to users.
- Our team experiments with new approaches based on team reflections, lessons learned and user feedback.
- Our team collects metrics throughout the development and life cycle of the service in order to improve it.
- When resolving problems, our team dedicates time to identify the root cause of the issue and address it.
- Our team relentlessly inspects, adapts and automates our processes to deliver value to users faster.
- Our team has access to environments and resources to allow for rapid prototyping while initial requirements are being sought.
- Our team embraces learning about and using new digital skills, approaches and tools to incorporate into our daily work.
- Our team shares our work only once it has been finalized and approved.
- Decisions regarding our team’s direction are made without reference to any collected performance metrics.
- Our team identifies solutions before it is clear what outcomes we are working towards and how to measure them.
- Processes are rarely, if ever, reviewed for efficiencies.
- Our team must wait for the project to be approved and funded before we can get access to environments to begin experimenting with solutions.
- Our team fully architects the service delivery solution before starting to build.
Work in the open by default
Share evidence, research and decision making openly. Make all non-sensitive data, information, and new code developed in delivery of services open to the outside world for sharing and reuse under an open licence.
Guidance: Work in the open by default
Working in the open has many benefits, such as:
- increasing the transparency of services
- increasing trust in government
- creating an ecosystem that promotes innovation
- increasing collaboration within and external to government
- promoting understanding of government processes and services
- encouraging innovation throughout the Government of Canada and non-governmental organizations by using government data and information to improve service delivery for Canadians
Working in the open aligns Canada with the Digital Nations Charter, of which it is a signatory, and promotes “transparency and citizen participation and uses open licences to produce and consume open data,”Footnote 4 as well as the Open Data Charter. By working in the open, the Government of Canada can increase its reuse of existing public solutions and allow others to reuse its work.
- Our team continually makes all non-sensitive and non-personal data, information and new code publicly available or, at a minimum, accessible across the Government of Canada for sharing and reuse.
- Our team contributes back to the public projects we borrow from.
- Our team tracks and makes public the metrics we use to measure our success.
- Our team tracks and makes publicly available or, at a minimum, accessible across the Government of Canada, information about how often a change to our services fails (for example, the deployment or rollout of a service or feature experiences issues or complications).
- Our team makes visual displays that show what we’re working on and the status of our work; these displays are available publicly or at least throughout the Government of Canada.
- Our team publicly documents, including examples of reuse, how others can use their service’s application programming interfaces (APIs), open data or information.
- All of our team’s work is done on systems behind the corporate firewall.
- Our team’s work has permissions set so that only members of our team can access the work.
- Our team does not contribute to or collaborate on work being done by our colleagues.
- Our team applies the same security classification to all data stored by the application.
- Our team has no process to declassify and release records when they are no longer protected or classified.
- The documentation for our APIs is available only to approved internal consumers.
Use open standards and solutions
Leverage open standards and embrace leading practices, including the use of open source software where appropriate. Design for services and platforms that are seamless for Canadians to use no matter what device or channel they are using.
Guidance: Use open standards and solutions
To maintain the trust of Canadians, the government must continually learn and improve by embracing leading practices to simplify access to government services in order to meet the rising expectations of Canadians.
The Digital Nations Charter calls for the use of both Open Standards and Open Source. To achieve this, this Digital Standard aligns with the ultimate Digital Vision which reads, “The Government of Canada is an open and service-oriented organization that operates and delivers programs and services to people and businesses in simple, modern and effective ways that are optimized for digital and available anytime, anywhere and from any device.”Footnote 5 By using open source software, and open standards and solutions, the Government of Canada can expand its vendor pool to acquire digital services.
- Our team prioritizes solutions that use open standards.
- Team members give back to the open source community as active contributors.
- Our team designs our services to be interoperable with other services.
- When searching for a new product, service or solution, our team considers open source solutions.
- Our team supports clients using any device, from anywhere and at any time.
- Our team renews existing contracts with vendors without first investigating open source tooling.
- Our team does not have the competencies to deliver our services without the help of consultants or closed source vendor software.
Address security and privacy risks
Take a balanced approach to managing risk by implementing appropriate privacy and security measures. Make security measures frictionless so that they do not place a burden on users.
Guidance: Address security and privacy risks
Digital services are core to service delivery, and they must securely store and manage Canadians’ information to maintain trust in government services.
Teams should consider security and privacy at the very start of working on a given service, in alignment with Iterate and Improve. Teams must consider the implementation of security and privacy controls as part of their daily work.
Similarly, the service’s processes should promote and monitor the continuous implementation of security and privacy controls throughout its life cycle. This will increase the security and privacy posture of digital services through automated testing and real-time reporting and monitoring, rather than anecdotal document-heavy manual processes.
The security and privacy controls and processes should be frictionless. Teams should ensure that services are designed first and foremost for users, not to satisfy existing legacy government procedures, tooling or processes.
Creating frictionless processes and permitting services to be iterated and improved upon quickly will allow the government to respond quickly to security or privacy risks. By responding to these operational needs within hours or minutes rather than months, the government can improve its security and privacy posture.
- Our team considers security and privacy throughout the service design process.
- When implementing or enforcing security or privacy controls, our team takes into consideration how they would impact the service’s quality, efficiency, and end-users.
- Security measures are frictionless so that they do not place a burden on users.
- Our team has privacy and security knowledge and understanding as a competency within the team.
- The service has automated security checks and privacy protections, including role-based access and audit functions.
- There are procedures and processes in place to quickly respond to security or privacy breaches or incidents.
- Our team has no internal privacy or security knowledge, relying on other teams to identify nearly all security or privacy controls and best practices.
- The core services our team works on have no automated security checks or privacy protections.
- Our team relies on security through obscurity, hiding services or information rather than improving the security posture of the service.
- Our team implements or enforces security or privacy controls without considering the impact on service usability.
Build in accessibility from the start
Services should meet or exceed accessibility standards. Users with distinct needs should be engaged from the outset to ensure what is delivered will work for everyone.
Guidance: Build in accessibility from the start
Quality should be built in from the start, so that previously implemented components do not need to be reworked for issues such as accessibility. The faster and earlier issues are found, the less costly they are to fix.Footnote 6
Accessibility in Canada is about creating communities, workplaces and services that enable everyone to participate fully in society without barriers. The Government of Canada is committed to taking a proactive and systemic approach to identifying, removing and preventing barriers to accessibility without delay in order to uphold the rights of persons with disabilities under the Canadian Human Rights Act.
To meet these commitments, accessibility needs to be considered at every point in the development of the service. Accessibility must be monitored and built into our processes to continually align with accessibility standards. Accessibility should be a constant part of iterating and improving frequently and designing with users, throughout the design of the service.
When designing with users, teams should identify a wide variety of users with a wide variety of needs to ensure that accessibility standards are met or exceeded.
- Starting at the outset, our team’s service and platform design continually considers the lowest levels of digital skill, confidence and access.
- Our team understands how to make our services or products accessible.
- Our team considers accessibility throughout the service design process.
- Research and testing are conducted to ensure that our service is accessible to people of all abilities no matter how, where or when they access the service.
- Our team conducts ongoing research with users with low-level digital literacy, people with disabilities, and people from different cultural and linguistic backgrounds.
- Our team implements automated accessibility checks for our services.
- Our team has no competency with accessibility and relies on another team to identify accessibility shortcomings.
- Accessibility compliance is added at the end of the development cycle in order to pass compliance checks or audits.
Empower staff to deliver better services
Make sure that staff have access to the tools, training and technologies they need. Empower the team to make decisions throughout the design, build and operation of the service.
Guidance: Empower staff to deliver better services
To promote innovation and create agility within our organizations, our teams must be empowered. Innovation increasingly flows from the bottom up, rather than from the top down. To benefit from this trend, teams must be empowered.
Don’t hire good people to tell them what to do, hire good people to have them tell you what to do.Footnote 7 The government manages large, highly complex and crucially important services for their users. A top-down command and control approach enforces service delivery and design based on the constraints of government,Footnote 8 rather than the needs of users or the expertise of those building the services.Footnote 9 Instead of bringing information up to authority, bring authority down to the information.Footnote 10 Those best suited to solve a given problem are those closest to the problem.Footnote 11
By removing decision-making authority from the teams and placing it into complex governance structures, a team’s innovative potential is limited by legacy procedures and processes. To create organizations that are able to iterate and improve frequently, teams must be empowered to make decisions for themselves.
Complex architectures that are responsive to the needs of users, including users within the organization, are emergent and are not based on hypotheses that lack the expertise of those closest to the problems needing to be solved.
- Team members self-organize and self-manage through self-assigning tasks.
- Team members meet with liberty to openly discuss challenges without fear of blame or reproach.
- Team members feel safe to challenge the status quo.
- Our team values learning as part of daily work.
- Team members can articulate how their work contributes to business outcomes.
- Our team can choose the tools they use to deliver their service.
- Our team’s management actively removes impediments that prevent the team from focusing on delivering value.
- Our team has access to environments to experiment with new approaches, tooling, or solutions.
- Our team feels their feedback is valued.
- Our team treats failures as opportunities to improve and learn.
- Work is assigned directly to members of our team from management.
- Our team is required to get a series of approvals before making routine changes to our service.
- Learning in our team is largely done through week- or day-long courses periodically throughout the year.
- Our team is unable, or finds it difficult, to acquire productivity tooling.
- Our team does not have access to Software as a Service (SaaS) productivity tools as they are blocked by the department.
- On our team, learning through books, blogs, videos, talks or tutorials is not viewed as work.
- Our team has restricted access to tools, training and software based on job classification.
Be good data stewards
Collect data from users only once and reuse wherever possible. Ensure that data is collected and held in a secure way so that it can easily be reused by others to provide services.
Guidance: Be good data stewards
Good data stewardship is required to ensure that data is clean, reusable and managed responsibly so that the data can be used for data-driven decision-making and reused to reduce duplication of efforts.
Good data stewardship involves managing data and information responsibly and securely. Good stewardship supports the sharing and reuse of data throughout the Government of Canada and promotes data use for innovative new solutions within the private sector.
In alignment with working in the open by default, well-organized and parseable data and information should be published in machine-readable formats so that it can be accessed by humans or machines.
In alignment with iterating and improving frequently, teams should work to continually improve the quality of the data, and the quality of the processes used to manage and publish that data.
By working in the open by default and properly managing data and information sources, issues such as duplication of data, information and work can be mitigated, while promoting innovative solutions that use information collected and published by the government.
- Our team strives to leverage data to continually improve decision-making, operations or service delivery.
- Our team identifies what data is needed to support decision-making, operations or service delivery, and reuses existing data wherever possible before acquiring new data.
- Our team strives to identify and remove barriers to data sharing and release.
- Our team ensures that users of our services can make corrections to their personal information.
- Our team publishes data and information on the open government portal.
- Our team publishes data in plain language and machine-readable formats.
- Our team has clearly defined roles, responsibilities and accountabilities for data and information management and use.
- Our team captures appropriate metadata to provide context for the information and data we create and capture, which enables their discovery and reuse by others.
- Our team has processes in place to regularly assess, maintain and improve data quality.
- Our service has processes in place to ensure proper management of information and data before they are collected, used, disclosed, retained, disposed of, or declassified.
- Our team ensures that information and data of business value are saved in systems where they can be properly managed.
- Our team has processes in place for determining the classification of data and information.
- Our team is aware of which information and data have business value and prioritizes their management.
- Our team, or the service our team manages, asks users for the same information more than once.
- The service, or services, our team is responsible for collects all the data or information required without reusing existing data or information.
- The documentation for our APIs is available only to approved internal consumers.
- Our team does not have the data we need to make informed policy, program or service decisions.
Design ethical services
Make sure that everyone receives fair treatment. Comply with ethical guidelines in the design and use of systems which automate decision making (such as the use of artificial intelligence).
Guidance: Design ethical services
Designing ethical systems means that systems created by the government ensure that everyone receives equitable treatment.
Services should address user needs and provide public benefits. In the digital age, the underlying systems that run Canada’s services come to conclusions that can be unclear to both the external users and those managing the systems. The responsible use of automated decision systems includes being open about their use and being able to explain how the systems make decisions.
Teams must work to increase the transparency and address potential biases of computational decisions, and to ensure that that decisions made by or supported using these systems are legal, consistent and accurate, and align with the expectations and intents of those managing them.
Organizations can ensure that they are designing ethical services through iterative service design where results are continuously monitored against expected and desired outcomes. However, with extensive monitoring solutions, teams must ensure that their services are not enforcing biases, whether conscious or unconscious.
- Our team continually seeks out indicators of bias and ensures that our services are not reinforcing unintended biases.
- Our team continually seeks out evidence of unintended consequences to the user in service design and delivery and works to mitigate these consequences for the user.
- When our team uses automated decision-making, we acknowledge, account for and mitigate possible biases in the data and algorithms.
- Our team designs services that address cultural, linguistic, geographical, accessibility, technological, socioeconomic, or other access barriers to uptake.
- Our team has considered the impacts of decisions on the users and reduces negative outcomes, when encountered.
- Our team uses data in a manner consistent with the purpose of its collection.
- Our team receives no training regarding the potential impacts of the service we are designing or delivering.
- Our team conducts little to no monitoring of outcomes of the service to identify implicit bias.
- Our team delegates ethical analysis to a vendor or external service, without direct accountability to management.
- Our team designs and delivers services without fully considering relevant legislation.
- Our team delivers services without assessing the impacts of negative outcomes.
Create multidisciplinary teams with the range of skills needed to deliver a common goal. Share and collaborate in the open. Identify and create partnerships which help deliver value to users.
Guidance: Collaborate widely
Collaborating widely allows us to learn lessons from others to minimize mistakes and reduce rework by identifying and sharing existing solutions. The problems that government solves are often unique, though they are not unique among governments.
Many of the same solutions by the same, or similar, vendors are used throughout the world, or at varying levels of government within different jurisdictions. When designing or implementing a service using tools or systems, teams should identify which other departments, jurisdictions or organizations have used similar technologies to solve similar use cases. In this way, teams will collaborate widely, reduce rework, share solutions and benefit from lessons already learned by others.
Using multidisciplinary teams, especially when coupled with the empowerment of teams, makes it easier for the government to deliver modern and innovative services. Through wide collaboration, organizations begin to break down the silos developed over time.
Going forward, working across skill sets, using work from others and learning from others’ lessons will encourage the development of modern services that better meet the changing needs of citizens in the digital age.
- Our team is multidisciplinary, having all the skills and capabilities required to fully deliver our service to users.
- Our team is active in communities of practice, events or groups that pertain to the areas of expertise of team members.
- Our team identifies and collaborates with other teams in or outside of our organization, including other levels of government, other governments, the public, or private sector organizations, who have done or are doing similar work.
- Our team documents any APIs for our service using modern and common protocols and standards and provides examples to others for their use.
- Our team uses data from performance monitoring tools to inform business decisions.
- Our team develops most of the service on our own, without using existing solutions and services to reduce duplication of effort.
- Our team overwhelmingly relies on tickets to manage collaboration between internal stakeholders or teams.
- The team does not consider the impacts on teams working across the value stream, or on the outcome of the service.
Posters to share
Report a problem or mistake on this page
- Date modified: