Audit of information technology security : roadmap implementation.: D58-265/2016E-PDF

“As a result of the Security Reform Team review in 2013, there has been significant evolution of the Department of National Defence and the Canadian Armed Forces (DND/CAF) Security Program and a renewed commitment by senior management to improve how the Program is governed and managed. For example, the Vice Chief of the Defence Staff (VCDS) established the Director General Defence Security (DGDS) organization, and the position was appointed as the Departmental Security Officer (DSO). At the same time, DGDS was delegated full functional authority for the Defence Security Program, and the Assistant Deputy Minister (Information Management) (ADM(IM)) retained the functional authority for Information Technology (IT) Security—one element of the Security Program. The 2014/15 to 2015/16 Risk-based Audit Plan included an Audit of IT Security. The objective of the audit was to assess the governance and control practices in place to ensure implementation of the IT Security Roadmap. The audit found that there is an opportunity to strengthen the governance and control practices for the IT Security Program in order to support ADM(IM) in effectively exercising its functional authority for IT Security across the Department. Strengthening governance and control practices would also set the foundation for assigning accountability for achieving IT Security objectives, priorities, and expectations in the DND/CAF as set out in the IT Security Roadmap"--Results in brief, p. iii.

Permanent link to this Catalogue record:
publications.gc.ca/pub?id=9.831547&sl=0

• MARC XML format
• MARC HTML format

Request alternate formats