The directives stated in this document establish the corporate security requirements of Information
and Technology (IT) systems, and the organizational roles and responsibilities for information
security management in the Government of Alberta (GoA), and its Departments and public
agencies (Ministries). These directives are applicable to all IT Systems and Data whether hosted in
house or off premise in cloud based services and solutions.
The directive statements identify the controls necessary to implement foundational IT security within
the Government of Alberta. GoA security standards and other policy instruments provide further
information regarding the details surrounding the implementation of these directives.
ISMD statements will be supported and elaborated through the use of Standards, Operational
procedures, and other Policy Instruments.