000
| 02619nam 2200301za 4500 |
---|
001 | 9.833070 |
---|
003 | CaOODSP |
---|
005 | 20221107150133 |
---|
007 | cr ||||||||||| |
---|
008 | 170307s2016 onc o f000 0 eng d |
---|
040 | |aCaOODSP|beng |
---|
043 | |an-cn--- |
---|
086 | 1 |aD58-271/2015E-PDF |
---|
245 | 00|aAudit of Civilian Human Resources Management System (HRMS(Civ)) application access rights |h[electronic resource]. |
---|
246 | 17|aAudit of HRMS(Civ) application access rights |
---|
260 | |a[Ottawa] : |bNational Defence, |c[2016] |
---|
300 | |a33 p. in various pagings |
---|
500 | |aIssued also in French under title: Audit des droits d’accès à l’application du Système de gestion des ressources humaines civiles (SGRH(Civ)). |
---|
500 | |aCover title. |
---|
500 | |aAt head of title: Reviewed by ADM(RS) in accordance with the Access to Information Act. Information UNCLASSIFIED. |
---|
500 | |a"December 2015." |
---|
520 | |a“The current HRMS(Civ) user access management framework is not sufficiently rigorous to ensure the integrity and confidentiality of HR data. There is a lack of key system accreditation requirements, limited documentation on the consistent use of the HR data, weak access controls, unclear roles and responsibilities, and the wide distribution of the HR data outside of the HRMS system. The Department is thus unable to ensure that the HR data has been safeguarded, used appropriately, and secured from unauthorized use. As a result, a privacy breach involving the personal data of current and former employees and CAF members may have occurred. Taken in its entirety, these factors create a risk to people's personal information, as well as to the reputation of the Department. Given the sensitive nature and pervasive use of personal information within the Department, stakeholders must be proactive and provide an enterprise approach to the assessment and management of this situation. Based on TBS policy requirements and guidelines, the Department should take expedient action to resolve the identified privacy and security issues and should ensure that the proper user access framework is in place going forward”--Conclusion, p. 15. |
---|
692 | 07|2gccst|aHuman resources |
---|
692 | 07|2gccst|aComputer security |
---|
692 | 07|2gccst|aAudit |
---|
710 | 1 |aCanada.|bDepartment of National Defence.|bChief Review Services. |
---|
775 | 08|tAudit des droits d’accès à l’application du Système de gestion des ressources humaines civiles (SGRH(Civ)) |w(CaOODSP)9.833457 |
---|
856 | 40|qPDF|s705 KB|uhttps://publications.gc.ca/collections/collection_2017/mdn-dnd/D58-271-2015-eng.pdf |
---|