DAOD 6003-0, Information Technology Security
Table of Contents
Date of Issue: 2012-04-18
Application: This DAOD is a directive that applies to employees of the Department of National Defence (DND employees) and an order that applies to officers and non-commissioned members of the Canadian Forces (CF members).
Approval Authority: Assistant Deputy Minister (Information Management) (ADM(IM))
Enquiries: Director Information Management Security (Dir IM Secur)
- information technology (technologies de l’information)
- Has the same meaning as in the Treasury Board Directive on Management of Information Technology.
- information technology security (sécurité des technologies de l’information)
- Has the same meaning as in the Treasury Board Operational Security Standard: Management of Information Technology Security (MITS).
3. Policy Direction
3.1 The ADM(IM) is responsible for the Information Technology (IT) Security Programme in the DND and the CF, and for ensuring that it aligns with the Departmental Security Program that is managed by the Departmental Security Officer.
3.2 Given the assignment to the ADM(IM) under DAOD 1000-0, Corporate Administrative Direction of information-related functional areas, the ADM(IM) acts as the Chief Information Officer for the DND and the CF.
3.3 The DAOD 6003 series, along with the DND and CF IM and IT Policy Framework, should be read in conjunction with other relevant ADM(IM) policies, instructions, directives, standards and guidance.
3.4 The DND and the CF are committed to:
- making IT security an integral part of continuous programme and service delivery, recognizing that it is both a business imperative and a service enabler; and
- ensuring the effective and efficient implementation of IT security in support of programmes, business priorities and operations.
3.5 The DND and the CF must:
- establish the roles and responsibilities of all personnel in respect of IT security; and
- ensure that:
- managers at all levels identify and integrate approved IT security requirements, processes and procedures into all plans, programmes, projects, activities and services;
- IT security services and processes are responsive to business needs;
- clear, concise and timely direction is provided for IT security; and
- IT security policies, processes, procedures and supporting documentation are current, complete and aligned with Government of Canada policies, directives and standards.
4.1 The following table identifies the authorities associated with this DAOD:
|The …||has or have the authority to …|
level one advisors
Dir IM Secur
Acts, Regulations, Central Agency Policies and Policy DAOD
- Policy on Government Security, Treasury Board
- Policy on Information Management, Treasury Board
- Policy on Management of Information Technology, Treasury Board
- Directive on Departmental Security Management, Treasury Board
- Directive on Management of Information Technology, Treasury Board
- Management Accountability Framework, Treasury Board
- Operational Security Standard - Business Continuity Planning (BCP) Program, Treasury Board
- Operational Security Standard: Management of Information Technology Security (MITS), Treasury Board
- DAOD 6000-0, Information Management and Information Technology