IT Security Risk Management Boot Camp

Overview

Delivery method

Virtual classroom

Duration

5 days

Audience

All public servants at all levels

Managers

Information Management Specialists

Supervisors

Description

All Government of Canada (GC) departments and agencies transmitting, storing, or processing sensitive government information must be protected by systems that have been developed, acquired, and evaluated according to recognized standards and implemented in accordance with GC policies and directives.

This boot camp will present participants with the general concepts of cyber security risk management for the GC and the foundational knowledge and guidelines needed to contribute to the development of security control profiles. It will also highlight the integration of cyber security risk management within the System Development Life Cycle (SDLC) as described in ITSG-33.

This boot camp consists of 3 parts:

• Part 1 - IT Security Risk Management: A Lifecycle Approach (ITSG-33)

• Part 2 - Information System Security Implementation Process (ISSIP)

• Part 3 - IT Security Risk Management and Security Control Profiles

Learning Objectives

With this course, learners will have acquired a high-level knowledge of the essential concepts and processes of cross-domain solutions. They will be better able to plan and uncerstand the operational requirements of cross-domain solutions when information needs to be shared between security domains.

• Apply IT security risk management within the GC context

• Identify the initial steps to integrating risk management guidance within your department

• Describe the ISSIP and why it is required

• Situate the ISSIP within the ITSG-33 security risk management process

• Describe all the ISSIP activities

• Complete key ISSIP activities

• Interpret departmental threat & risk assessments

• Identify business domains

• Define IT security approaches

• Identify relevant common criteria

Target Audience

Project/Program Managers, IT Security Designers, Architects, Engineers and Managers

Prerequisite(s)

It is strongly recommended that participants complete the Canada School of Public Service (CSPS) Discover GC Cloud online course prior to taking this course. This course can be found on the CSPS learning platform.

Notes

The Digital Enterprise Skilling (DES) program provides Shared Services Canada (SSC) employees with the knowledge and skills required to accelerate digital adoption, improve IT services delivery, and adapt to the workforce’s needs of the future. If you have not registered as an SSC Digital Enterprise Skilling (DES) participant yet, sign up here: Digital Enterprise Skilling (sharepoint.com)

Legacy course code: 910