Creation Date:  2024-06-13
Category:  Risk Management
Effective Date:  2024-06-13
Version:  5.0
Last Reviewed:  2024-06-13
Security Classification:  Protected A
Scheduled Review Date:  2025-06-13
Status:  Approved


​​​The Cybersecurity Risk Management Framework (CRMF) outlined in this document is designed to establish a robust, sustainable cybersecurity framework that reduces risks, strengthens the security posture of the Government of Alberta (GoA) and aligns with the Information Security Management Directives (ISMD).

Please note that information classified as Protected (per the Data and Information Security Classification standard) is only accessible to Government of Alberta Employees. External users are therefore not able to download this document. To request access, please contact us:


Keywords: cybersecurity, framework, risk management, security, cyber controls