![]() ![]() ![]() ![]() |
![]() ![]() ![]() ![]() ![]() |
Course Description | |
The Government Security Policy (GSP) mandates that departments certify and accredit all IT systems prior to operation. Certification, the actual verification of security functionality, aims to support accreditation, which is the management decision to accept any remaining risks. This course examines the C&A; processes for evaluating system safeguards and establishing accountability for their implementation. ![]() |
|
Outline | |
![]() |
|
Audience | |
Business planners and project managers, as well as IT practitioners and IT security specialists in both the public and private sectors.
![]() |
|
Course Level | |
Intermediate Recommended preparation: Course S33 - Introduction to Information Technology Security: The Management and Technology of Cyber Protection, or equivalent. ![]() |
|
Prerequisite(s) | |
None
![]() |
|
Special Note(s) | |
None
![]() |
|
Additional Readings/Instructor-suggested URLs | |
Treasury Board Secretariat
Communications Security Establishment A Guide to Security Risk Management for IT Systems (MG-2) http://www.cse-cst.gc.ca/publications/gov-pubs/itsg/mg2-e.html A Guide to Risk Assessment and Safeguard Selection for IT Systems (MG-3) http://www.cse-cst.gc.ca/publications/gov-pubs/itsg/mg3-e.html A Guide to Certification and Accreditation for IT Systems (MG-4) http://www.cse-cst.gc.ca/publications/gov-pubs/itsg/mg4-e.html Threat and Risk Assessment Working Guide (ITSG-04) http://www.cse-cst.gc.ca/publications/gov-pubs/itsg/itsg04-e.html National Institute of Standards and Technology Guide to Information Technology Security Services (Special Publication 800-35) / PDF http://csrc.nist.gov/publications/nistpubs/800-35/NIST-SP800-35.pdf Guide for the Security Certification and Accreditation of Federal Information Technology Systems (Special Publication 800-37) / PDF http://csrc.nist.gov/publications/nistpubs/800-37/SP800-37-final.pdf Security Requirements for Cryptographic Modules (FIPS 140-2) http://csrc.nist.gov/cryptval/ Common Criteria http://www.commoncriteriaportal.org ![]() |
|
Date(s) | (E) = English (F) = French |
January 16, 2006 (F) February 6, 2006 (E) ![]() |
|
Fee |
To be determined by The Institute (PWGSC).
See their website to register and for additional information: www.pwgsc.gc.ca/institute/text/sec02-e.html
![]() |