Security requirements are determined by both government and industry, and are published both internally and to the public. Section 13 – Information systems acquisition, development and maintenance.This document references the following four sections from ISO/ IEC 27002:2013 “Information technology - Security techniques - Code of practice for information security controls”: This document is one in a series, which define platform-independent technical security requirements. This document defines general security requirements for the protection of the integrity, confidentiality and availability of Government of Ontario networks and computer systems. In particular, GO ITS describe where the application of a standard is mandatory and specify any qualifications governing the implementation of standards.Īll GO-ITS 25 Standards are based on the work of recognized global authorities in information and operational security, both in government and industry. These publications support the responsibilities of the Treasury Board Secretariat ( TBS) for coordinating standardization of Information & Information Technology ( I&IT ) in the Government of Ontario. Government of Ontario Information Technology Standards ( GO ITS) are the official publications on the IT standards adopted for use across the government’s IT infrastructure. Updated guidance regarding generic/shared/privileged account management, least privilege applicability, version number set to 1.4Īpproved by IT Executive Leadership Council 2014 (administrative updates, ISO/ IEC alignment), draft version number set to 1.3 Minor updates per rationale to ARB in Dec. Approved document version number set to 1.2 Minor updates approved by Information Technology Executive Leadership Council ( ITELC). Organizational updates, updated hyperlinks and references, minor adjustment and errataĭocument format updated, minor adjustments Minor corrections and changes to more closely align with ISO 27002:2005, Adjustment to include access control and monitoring sections as per consultations with Ontario Internal Audit Division Aligned with ISO 27002:2005, Input from 2007-2008 review process incorporated
0 Comments
Leave a Reply. |