00000nam 2200000za 4500 9.833070 CaOODSP 20221107150133 cr ||||||||||| 170307s2016 onc o f000 0 eng d CaOODSP eng n-cn--- D58-271/2015E-PDF Audit of Civilian Human Resources Management System (HRMS(Civ)) application access rights [electronic resource]. Audit of HRMS(Civ) application access rights [Ottawa] : National Defence, [2016] 33 p. in various pagings Issued also in French under title: Audit des droits d’accès à l’application du Système de gestion des ressources humaines civiles (SGRH(Civ)). Cover title. At head of title: Reviewed by ADM(RS) in accordance with the Access to Information Act. Information UNCLASSIFIED. "December 2015." “The current HRMS(Civ) user access management framework is not sufficiently rigorous to ensure the integrity and confidentiality of HR data. There is a lack of key system accreditation requirements, limited documentation on the consistent use of the HR data, weak access controls, unclear roles and responsibilities, and the wide distribution of the HR data outside of the HRMS system. The Department is thus unable to ensure that the HR data has been safeguarded, used appropriately, and secured from unauthorized use. As a result, a privacy breach involving the personal data of current and former employees and CAF members may have occurred. Taken in its entirety, these factors create a risk to people's personal information, as well as to the reputation of the Department. Given the sensitive nature and pervasive use of personal information within the Department, stakeholders must be proactive and provide an enterprise approach to the assessment and management of this situation. Based on TBS policy requirements and guidelines, the Department should take expedient action to resolve the identified privacy and security issues and should ensure that the proper user access framework is in place going forward”--Conclusion, p. 15. gccst Human resources gccst Computer security gccst Audit Canada. Department of National Defence. Chief Review Services. Audit des droits d’accès à l’application du Système de gestion des ressources humaines civiles (SGRH(Civ)) (CaOODSP)9.833457 PDF 705 KB https://publications.gc.ca/collections/collection_2017/mdn-dnd/D58-271-2015-eng.pdf 7050-33-9 (ADM(RS))