Number: 
Creation Date:  2022-10-04
Category:  Risk Management
Effective Date:  2022-10-04
Version:  1.1
Last Reviewed:  2023-10-04
Security Classification:  Protected A
Scheduled Review Date:  2024-10-01
Status:  Approved

Description:
Please note that information classified as Protected (per the Data and Information Security Classification standard) is only accessible to Government of Alberta Employees. External users are therefore not able to download this document. To request access, please contact us: imt.policy@gov.ab.ca.

Defines the control objectives for identification, assessment, and management of cybersecurity risks (cyber risk) within the GoA. Cyber risk is managed through risk assessment, threat identification, vulnerability assessment, and documented processes for reporting and treating risk.


Keywords: risk management, threats, vulnerabilities, risk tolerance