Protecting Information Assets Followup
The Government of Alberta uses a variety of information technology systems to provide programs and services, and to host and process personal information.
In our October 2008 Report, we recommended that Executive Council establish a central security office to oversee information security for the organizations using the government’s shared computing infrastructure. We also made seven IT security recommendations directly to Service Alberta and three recommendations jointly to Service Alberta and Infrastructure.
In 2010, we reported that Service Alberta implemented the Corporate Information Security Office, and that the CISO then developed, implemented and communicated 10 IT security directives to ministries. Service Alberta and the Ministry of Infrastructure developed and communicated physical and environmental standards for shared data facilities (SDF) that store the government’s information systems and data. The ministries then started work on implementing those standards in SDFs throughout Alberta.
Why this is important to Albertans
Albertans need to:
- access online services and accurate government information when needed
- know that the IT systems the government and publicly funded entities use are secure, and that they protect personal and government information from unauthorized use
Albertans expect government and publicly funded websites and systems used to provide programs and services to be available when needed. They expect the data they process and host to be secure from potential attack. They also expect the government will maintain adequate security standards to protect these applications and systems, and that all technologies used to deliver programs and services are implemented and maintained in a manner that safeguards confidential government and personal information.