Information Categorization Tool

Welcome Transcript
Luc Tremblay

  Luc Tremblay

Before starting at the federal level, Luc had the opportunity to work in several fields in the private sector among other things he was the chief operating officer of a private airport.

Since joining the Government of Canada in 1992, he has worked in more than five different departments and agencies, from Statistics Canada where he handled all of the data collection tools in the regional offices, then to Revenue Canada as a Director of Telephony, Video Conferencing and Call Centre Tools, through Shared Services Canada by adding networking to his portfolio. Just prior to joining ESDC Luc was Senior Deputy Chief Information Officer at Canadian Heritage.

Although his job as a departmental security officer is his first job in security, Luc realizes that his career has prepared him well for this challenge, because although IT and security are not brothers, they are very close cousins.

Securing information not only concerns the proper handling and protection of information but also safeguarding information from creation and storage to disposal. Employees must protect all information, whether it is in a physical form or electronic form. This guide allows you to easily find everything you need for information categorization and handling.

Information Categorization

From concept to innovative tool

Protég&233;/Protected

The following safeguards and security measures represent the minimum measures that should be applied for each activity related to the handling of information (mailing, faxing, transporting, etc). In order to determine whether the minimum safeguards are sufficient or should be increased, programs and/or employees should follow the process below:

  1. Assess the risk related to the injury that could reasonably be expected to occur due to a compromise. The degree of injury is a composite of both the severity (level of damage e.g. from physical injury to loss of life) and the scope (number of people, organizations, facilities, systems, or the size of the geographical area affected e.g. localized or widespread or the duration of the injury (e,g, short term or long term).
  2. Consult your Regional Security Office (RSO) (if needed) for help in identifying and assessing those risks. Your RSO will provide guidance and advice on the most appropriate safeguards to be applied depending on the results of the assessment.
  3. Based on the risk identified (e.g. severity and scope) apply the appropriate safeguards as identified within the tool.

Information Categorization Tool

Resource Corner

Guidelines and Directives

Helpful tips on maintaining a secured workstation and applying sound security practices daily can be found in the Clean Desk Guidelines

Information Categorization Tool

Hi, my name is Luc Tremblay, your Chief Security Officer. I am pleased to present you the Information Categorization Tool. This interactive online innovation approach will allow you to find what you need to know when dealing with categorization and handling of information. I hope you will enjoy your visit.