DEPARTMENT OF VETERNS AFFIAIR

Department Of Veterns Affair



Department Of Veterns Affair

Introduction

The document, Technical Security Standard for Information Technology (TSSIT), is aimed to analyze areas in getting a lowest standard of security for classified and specific data and information and is composed on the rules and needs of the Security Policy of the organization. TSSIT is used by the RCMP Security Evaluation and Inspection Team (SEIT) as evaluation rule for reviews of system such as computer systems and computer based networks like local area networks.

Discussion

Scope

The standard of security made by TSSIT needs not only to save the information assets of a department, but also gives guarantee that shared information will get a minimum level of safety o irrespective of its position.

Wide applications and varieties in technical deployment make it practically impossible to give accurate and comprehensive safeguards for each and every available Information Technology (IT) scenario. Further protective measures are to be used on the basis of threat and risk assessment (TRA).

Moreover, the methods listed in this paper do not completely encounter the execution of

Top Secret information or summarize data requiring a categorization of Top Secret information. When it is required to execute such data, a TRA is to be utilized as the foundation for making the security needs and the respective security of the department.

TSSIT is applicable to all federal departments listed in Schedule I, Parts I and II, of the

Public Service Staff Relations Act, and to the Canadian Forces, the Royal Canadian

Mounted Police (RCMP) and the Canadian Security Intelligence Service (CSIS). It is also

Applicable for contractually where data of government is executed by the private organizations. This can be done with proper contract on security clauses on the basis of TSSIT.

General Requirements

IT security means the safety of systems, data and services from accidental and obvious threats to privacy, ...