Security in 2019: Launch of a renewed Policy on Government Security

July 2, 2019

By Rita Whittle, Executive Director, Treasury Board of Canada Secretariat

Security has come a long way since the Government of Canada (GC) implemented its first security requirements in 1948. Back then, security at the office meant locking up your cabinets and the door to your office.

Since then, the security environment has evolved significantly and with it, our daily lives at home and at work. These days we’re thinking about cyberattacks, or making contingency plans for floods and fires. But the bottom line is the same: we need to minimize security risks.

On July 1st, 2019, the Treasury Board of Canada Secretariat (TBS) updated the Policy on Government Security (PGS) for the first time in 10 years. The renewed policy is more aligned to today’s new operating environment—characterized by an increasingly global context, a highly mobile workforce and enterprise, shared IT and service delivery—and strengthens government security management practices.

The new PGS has been updated to:

  • streamline instruments and rules
  • strengthen governance
  • clarify roles and responsibilities;
  • strengthen security behaviour and culture
  • position eight security controls at the policy level

Designation of a Chief Security Officer

One highlight of the new PGS is the requirement for deputy heads of departments to designate a Chief Security Officer (CSO). The CSO is responsible for governance, planning, monitoring and reporting, and provides strategic senior level leadership, coordination and oversight on departments’ security obligations, as they relate to trusted service and program delivery. CSOs will, above all, work with partners to ensure security is managed effectively (as set out in the Directive on Security Management).

Security controls

The policy includes eight mandatory security controls. Included in these is “security event management,” which is critical to ensuring activities are well coordinated within departments and with partners. Likewise, a security control for “business continuity management” assures that CSOs enable the recovery of critical services and that delivery is maintained during a security incident. There is also a new Standard on Security Event Reporting to help manage potential impacts and support GC-wide decision making during unexpected events, like floods.

Our commitment to citizens and federal public servants is to effectively manage Government of Canada security, helping to ensure the protection of information, people and assets. The renewed Policy on Government Security is the result of deep collaboration with key partners and stakeholders, including lead security agencies and internal enterprise services organizations. The Treasury Board of Canada Secretariat looks forward to working with all departments on successfully implementing the PGS, taking the next step in security.

Resources section

Rita Whittle

Rita Whittle
Executive Director, Security Policy Division

Ms. Whittle is responsible for the GC Security Policy Suite, including providing strategic policy direction to departments to continue to strengthen and mature security management and related performance practices.  She delivers the Government of Canada vision of Security in support of service modernization and trusted program and service delivery. Rita chairs GC Security governance committees, which include the Government of Canada Security and Readiness Committee, the DG Enterprise Security Control Committee. As well, she supports the ADM Security Committee (co-chaired by TBS and PCO) and convenes an annual GC Security Summit with Public Safety Canada and PCO. Ms. Whittle joined the Treasury Board Secretariat (TBS) in December, 2011.  Prior to TBS, Ms. Whittle occupied the position of Director General, Internal Integrity and Security, at Employment and Social Development Canada (ESDC). She enjoyed a career in both IT and business programs during her 19-year service with ESDC-Service Canada, holding progressively senior positions and gaining invaluable insight into client relationship management, operations, and policy and program development, having worked at both local and regional levels at ESDC.

Ms. Whittle graduated from Memorial University of Newfoundland and has acquired a strong knowledge of and significant experience in security, identity and authentication, business modelling, risk management, strategic planning, information management, information technology, program development and delivery, as well as emergency and business continuity management.

Add new comment

Rules of Engagement

We look forward to hearing from you. Your ideas and feedback are central to the development of both the Open Government portal and the Government of Canada’s approach to Open Government.

While comments are moderated, the portal will not censor any comments except in a few specific cases, listed below. Accounts acting contrary to these rules may be temporarily or permanently disabled.

Comments and Interaction

Our team will read comments and participate in discussions when appropriate. Your comments and contributions must be relevant and respectful.

Our team will not engage in partisan or political issues or respond to questions that violate these Terms and Conditions.

Our team reserves the right to remove comments and contributions, and to block users based on the following criteria:

The comments or contributions:

  • include personal, protected or classified information of the Government of Canada or infringes upon intellectual property or proprietary rights
  • are contrary to the principles of the Canadian Charter of Rights and Freedoms, Constitution Act, 1982
  • are racist, hateful, sexist, homophobic or defamatory, or contain or refer to any obscenity or pornography
  • are threatening, violent, intimidating or harassing
  • are contrary to any federal, provincial or territorial laws of Canada
  • constitute impersonation, advertising or spam
  • encourage or incite any criminal activity
  • are written in a language other than English or French
  • otherwise violate this notice

Our team cannot commit to replying to every message or comment, but we look forward to continuing the conversation whenever possible. Please note that responses will be provided in the same language that was used in the original comment.

Our team will reply to comments in the official language in which they are posted. If we determine the response is a question of general public interest, we will respond in both official languages.