IT Security Guidance (ITSG)

ITSG-26

Information Technology Security Guidance for Purchasing CSEC-Approved Cryptographic Equipment from the United States Government
HTML | PDF (1.3MB)

ITSG-41

Security Requirements for Wireless Local Area Networks

  • Overview
    HTML | PDF (1.09MB)
  • Annex 1 - Government Hot Spot High-Level Design Guidance
    HTML | PDF (2.14MB)
  • Annex 2 - Wireless User to Wired Network Connection High-Level Design Guidance
    HTML | PDF (2.98MB)
  • Annex 3 - Wired Network to Wired Network via Wireless Bridge High-Level Design Guidance
    HTML | PDF (2.93MB)
  • Annex 4 - Identification of Control Elements from Security Controls
    HTML | PDF (1.39MB)

ITSG-33

IT Security Risk Management: A Lifecycle Approach

  • Annex 1 - Departmental IT Security Risk Management Activities
    HTML | PDF (1.91MB)
  • Annex 2 - Information System Security Risk Management Activities
    HTML | PDF (3.85MB)
  • Annex 3 - Security Control Catalogue
    HTML | PDF (2.37MB)
  • Annex 4 - Profile 1 - (Protected B / Medium Integrity / Medium Availability)
    HTML | PDF (1.48MB)
  • Annex 4 - Profile 2 - (Protected A / Low Integrity / Low Availability)
    HTML | PDF (1.47MB)
  • Annex 4 - Profile 3 - (Secret / Medium Integrity / Medium Availability)
    HTML | PDF (1.53MB)
  • Annex 5 - Glossary
    HTML | PDF (1.30MB)

ITSG-38

Network Security Zoning - Design Considerations for Placement of Services within Zones
HTML | PDF (1.39MB)

ITSG-31

User Authentication Guidance for IT Systems
HTML | PDF (1.08MB)

ITSG-04

Threat and Risk Assessment Working Guide has been replaced by the Harmonized Threat And Risk Assessment Methodology (TRA)

ITSG-22

Baseline Security Requirements for Network Security Zones in the Government of Canada
HTML | PDF (2.68MB)

ITSG-23

BlackBerry® Enterprise Server Isolation in a Microsoft Exchange Environment
HTML | PDF (1.42MB)

ITSG-10

The COMSEC Material Control Manual (ITSG-10) has been replaced by the Directive for the Control of COMSEC Material in the Government of Canada (ITSD-03)

ITSG-06

Clearing and Declassifying Electronic Data Storage Devices
HTML | PDF (1.49MB)

ITSG-13

Cryptographic Key Ordering Manual
HTML | PDF (2.15MB)

ITSG-20

Windows Server 2003 Recommended Baseline Security
HTML | PDF (746KB)

ITSG-05

Canadian Industrial TEMPEST Program Manual
* Under review. For any question, please email Client Services at: itsclientservices@cse-cst.gc.ca

ITSG-02

Criteria for the Design, Fabrication, Supply, Installation and Acceptance Testing of Walk-in, Radio-Frequency-Shielded Enclosures
HTML | PDF (1.74MB)

ITSG-03

Procedures for the Release, Export and Disposal of TEMPEST designed Equipment and Technology
* Under review. For any question, please email Client Services at: itsclientservices@cse-cst.gc.ca

MG-1

Network Security, Analysis and Implementation
* Under review. For any question, please email Client Services at: itsclientservices@cse-cst.gc.ca

MG-2

A Guide to Security Risk Management for Information Technology Systems
* Under review. For any question, please email Client Services at: itsclientservices@cse-cst.gc.ca

MG-3

A Guide to Risk Assessment and Safeguard Selection for Information Technology Systems
* Under review. For any question, please email Client Services at: itsclientservices@cse-cst.gc.ca

MG-4

A Guide to Certification and Accreditation for Information Technology Systems
* Under review. For any question, please email Client Services at: itsclientservices@cse-cst.gc.ca

To read these files download the free Adobe® Acrobat® Reader which allows you to view, navigate, and print PDF files across all major computer platforms.