Sign In

The Information Security Branch, within the Government of Saskatchewan, maintains and provides interpretation and enforcement of information security policies. The Government of Saskatchewan Information Security Policies are based on the ISO/IEC 27001:2013 framework for information security controls and have been reviewed by an independent third-party. This industry-standard framework specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. 

Each policy document references the corresponding ISO domain to which it aligns. Further, we have referenced the corresponding National Institute of Standards and Technology (NIST) framework as well. 

Should you have questions or feedback related to these policy documents, you may engage the Information Security Branch via email at CSITInformationSecurityBranch@gov.sk.ca.

Additional information and resources regarding information security including reporting incidents, protection from spam and phishing, information/data classification, security assessments, and related documentation can be found on the IT Security Services Taskroom page.

Overarching Policy


The purpose of this policy is to provide a framework to manage information security for all Government of Saskatchewan (GoS) information systems (including but not limited to all computers, mobile devices, networking equipment, software and data) and information users.

Acceptable Use


This policy is designed to establish acceptable and appropriate use of tools within the Government of Saskatchewan with a focus on Information Security. This includes stipulating constraints and practices to which all employees and contractors must agree. 

Policies 


This policy establishes a framework to initiate and control the implementation and operation of information security within the Government of Saskatchewan.

This policy is to ensure employees and contractors are aware of and fulfill their information security responsibilities prior to, during, and at termination or change in employment.

This policy is to identify and safeguard government information assets in accordance with their sensitivity and value.

This policy is to ensure proper and effective use of logical and physical access controls to safeguard access to GoS networks, application, and information.

This policy is to ensure proper and effective use of cryptography to protect the confidentiality and integrity of government information.

This policy is to prevent unauthorized physical access, loss, damage, theft, compromise or interference to the government’s information, assets, and operations.

This policy is to ensure correct and secure operations of information systems.

This policy is to ensure the protection of information in networks and its supporting information processing facilities, and to maintain the security of information transferred within an organization and with any external entity.

This policy is to ensure that security is an integral part of information systems across their entire lifecycle.

This policy is to ensure protection of government information assets that are accessible by suppliers and to maintain an agreed level of information security in line with supplier agreements.

This policy is to ensure a consistent and effective approach to the management of information security incidents, including communication on security events and weaknesses.

This policy is to embed information security continuity in the government’s business continuity management systems and to ensure availability of the government’s information systems.

This policy is to ensure compliance with all relevant legal, statutory, regulatory, and contractual information security obligations and requirements.




Contact information

If you have any questions or require more information please contact:

Information Security branch

Email CSITInformationSecurityBranch@gov.sk.ca
Phone 306-798-3550*
*Please note that this number requires 10-digit dialing. 
Business hours are Monday to Friday 8 a.m. to 5 p.m. 

 Related Documents