Skip Ribbon Commands
Skip to main content
Sign In
  
Definition
  
Accreditation

​The final approval to authorize operation of an information system and to explicitly accept the risk to the Ministry or Government (including mission, functions, image, or reputation), assets, or individuals, based on the implementation of an agreed upon set of security controls.

IMT Standards Program
Act

​Legislation; the laws of the province.

IMT Policy Program
Agencies, Boards or Commissions

​Advise ministries and provide support for particular areas. They do not report through the department unless the Minister responsible for administrating the department specifically identifies an agency, board or commission to be within scope.

IMT Standards Program
Application (business application)

​A collection of computer hardware, computer programs, databases, procedures and knowledge workers that work together to perform a related group of services or business processes.

IMT Standards Program
Application (business application)
A collection of computer programs, databases, and procedures designed to help GoA perform particular tasks or handle particular types of IT problems by automating a business process or function.
Information Security Management Directives
Assets

​For the purposes of information security policy, information in all forms and media, networks, hardware, software and application systems.

IMT Standards Program
Assets
Assets – for the purposes of information security policy: information in all forms and media, networks, hardware, software and application systems.
Information Security Management Directives
Audit

​Is an examination of the facts to render an opinion and would include testing evidence to support the opinion.

IMT Standards Program
Audit
Audit – is an examination of the facts to render an opinion and would include testing evidence to support the opinion.
Information Security Management Directives
Audit logs

​Includes all types of event logs including (but not limited to) security, audit, application, access and network across all operating system platforms.

IMT Standards Program
Audit logs
Audit logs – includes all types of event logs including (but not limited to) security, audit, application, access and network across all operating system platforms.
Information Security Management Directives
Authentication

​The act of establishing or confirming something (or someone) as authentic, that is, that claims made by, or about, the thing are true. Authenticating a person often consists of verifying their identity.

IMT Standards Program
Availability

​The property of being accessible and usable upon demand by an authorized entity. (ISO/IEC 13335-1:2004).

IMT Standards Program
Business Continuity Plan (BCP)

​The procedures and information necessary for the timely recovery of essential services, programs and operations, within a predefined timeframe. The BCP includes the recovery following an emergency or a disaster that interrupts an operation or affects service or program delivery.

IMT Standards Program
Business Environmental Scan

​This is a business context assessment conducted as part of business planning that includes analysis of threats, risks, strengths, strategic opportunities, external environmental factors (e.g. macroeconomic factors and analysis of the potential value propositions for different groups of constituents) at a respective level of planning (e.g. ministry business context assessment is conducted as part of the ministry business planning).

IMT Standards Program
Business information technology systems

​Internal administrative and productivity information systems that support the organization such as e-mail, calendars and financial systems.

IMT Standards Program
Business/Project Sponsor

​The business or project sponsor champions, and is accountable for, the project. He chairs the steering committee meetings and has ongoing accountability for the outcomes of the project in the form of its end product/services. The business/project sponsor provides overview and direction for the project.

IMT Standards Program
Capacity management

​The process of determining the system capacity needed to deliver specific performance levels through quantification and analysis of current and projected workload.

IMT Standards Program
Certification

​See: Security Certification

IMT Standards Program
Change Management

​The objective of change management is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes in order to minimize the impact of change-related incidents and to improve day-to-day operations.

IMT Standards Program
Circular

​A circular is a document outline records management requirements set by the Alberta Records Management Committee (ARMC).

IMT Policy Program
Cluster Initiative

​An initiative in which a group of ministries collaborate to achieve commonality, cost-effectiveness, improved services delivery and performance.

IMT Standards Program
Commercial-off-the-shelf (COTS)

​Commercially available products that can be purchased and integrated with little or no customization.

IMT Standards Program
Compliance checking

​Includes; an audit, risk and control review; security review; and monitoring of an information system to ensure compliance with relevant IMT Policies, Policy Directives or Standards.

IMT Standards Program
Confidentiality

​Information is not made available or disclosed to unauthorized individuals, entities or processes.

IMT Standards Program
Control Framework

​Are the policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected.

IMT Policy Program
Corporate Information Security Program

​See: Information Security Program.

IMT Standards Program
Corporate Initiative

​An initiative relating to all ministries within the GoA and/or Service Alberta operated shared services.

IMT Standards Program
Cryptographic keys

​A piece of information that controls the operation of a cryptography algorithm. In encryption, a key specifies the particular transformation of data into encrypted data and the transformation of encrypted data into data during decryption. The cryptographic algorithm ensures that only someone with knowledge of the key can reproduce or reverse the transformation of data.

IMT Standards Program
Cryptography

​The discipline which embodies principles, means and methods for the transformation of data in order to hide its information content, prevent its undetected modification, or prevent its unauthorized use.

IMT Standards Program
Data

​See: Information.

IMT Standards Program
Data processing facility

​The physical location housing any information processing system, service or infrastructure; this includes storage facilities for equipment not yet deployed or awaiting disposal.

IMT Standards Program
Devices

​Hardware that information is written to and/or stored on. See also Hardware.

IMT Standards Program
Directive

​Establish expected behaviours and actions of ministries and employees to support policy approved by elected officials. Directives provide formal instruction that oblige ministries to take or avoid specific actions or provide specific objectives that must be met.  Directives state control objectives and specify clear expectations for selection of controls in order to meet control objectives.

IMT Standards Program
Directive

​Establish expected behaviors and actions of ministries and employees to support policy approved by elected officials. Directives provide formal instruction that oblige ministries to take or avoid specific actions or provide specific objectives that must be met.

IMT Policy Program
Disaster Recovery Plans (DRP)

​The procedures and information necessary to recover critical IT functions from any event that may interrupt an operation or affect service or program delivery, within the timeframes determined in the Business Impact Assessment. The DRP is part of a ministry’s overall business continuity plan (Business Continuity Plan or BCP).

IMT Standards Program
Disposition

​The actions taken regarding information that is no longer needed to support on-going administrative and operational activities in accordance with an approved Records Management Schedule. Directions may include destroy, transfer to the government archives, transfer to inactive records storage space, or retain permanently in unit.

IMT Standards Program
Electronic commerce

​The exchange of information between government and internal and external stakeholders independently of either participant’s computer system. e.g., electronically accessing forms, obtaining payments, sending invoices, receiving tax returns, placing orders and receiving transaction acknowledgements.

IMT Standards Program
Electronic messages

​Includes all forms of electronic messaging such as e-mail, voice mail, instant messaging etc.

IMT Standards Program
Employee

​Is a person appointed under the Public Service Act.

IMT Standards Program
Enterprise

​A group of individuals working together for a common purpose, typically within the context of an organizational form such as corporation, public agency, charity or trust.

IMT Standards Program
Equipment

​See: Hardware.

IMT Standards Program
Event

​Is an identified occurrence of a system or service state indicating a possible breach of information security policy or failure of safeguards, or a previously unknown situation that may be security relevant.

IMT Standards Program
External party

​A person external to government, including vendors, service delivery agents, business and citizens.

IMT Standards Program
Fault

​An error or failure in either software or hardware.

IMT Standards Program
GoA IMT Strategic Plan

​The GoA IMT Strategic Plan will provide: A 3-5 year overview of the GoA IMT strategic priorities that are required in the IMT environment; IMT technology opportunities assessment; and measurable outcomes of the proposed programs and projects to support realization of the IMT Strategy. The GoA IMT Strategic Plan is reviewed and updated on an annual basis based on the result of annual performance reviews.

IMT Standards Program
GoA Project Compliance Requirements

​A set of architecture blueprints and standards, security and policies, directives and standards and other compliance requirements that each project, regardless of funding sources and costs, must be evaluated against, comply with or provide satisfactory alternative approach to managing risks and security threats, enabling alignment with the business capabilities and corporate IMT standards.

IMT Standards Program
Government information

Means all recorded information, regardless of physical format, that is received, created, deposited or held by or in any ministry, agency, board, commission, Crown corporation, institution, committee or council reporting or responsible to the Government of Alberta.

Government records include machine-readable records, data stored in information systems, film, audio and audiovisual tapes, etc. Government records include cabinet ministers' records that are created and/or accumulated and used by a Minister (or a Minster's office) in developing, implementing and/or administering programs of government. Government records do not include legislative records (records created and/or accumulated and used by an individual or an office in the administration of the Legislative Assembly of Alberta or by a Member of the Legislative Assembly). See: Record and Information.

IMT Standards Program
Government network

​See: Network infrastructure.

IMT Standards Program
Guidelines

​Provide information, advice or explanation to assist in implementation of policy or policy instruments. Guidelines provide advice or recommendations on controls to meet control objectives.

IMT Standards Program
1 - 50Next