Policy Framework for Information and Technology
We will be updating our design to align with Canada.ca. The policies, directives, standards and guidelines will remain available during and after this update is complete.
1. Effective Date
1.1This framework takes effect on July 1, 2007.
2.1 Information is the cornerstone of a democratic, effective, and accountable government. Therefore, information must be well managed throughout its life cycle, allowing for an effective and responsive government.
2.2 Stewardship of information and technology encompasses fiscal responsibility in meeting client needs and expectations both internal and external to government. This includes ensuring that technical solutions and information management practices are respectful of individual privacy and that information is secure from unauthorized access. Both information and technology must be developed, deployed, and managed in appropriate formats. This facilitates usability by all those accessing government services, including persons with disabilities. Additionally, it ensures the support of the provision of services and information in both official languages, while respecting individual and collective rights.
2.3 The Policy Framework for Information and Technology provides the strategic context for the Policy on Information Management and the Policy on the Management of Information Technology. It also takes into consideration the Privacy and Data Protection policy, the Access to Information policy, and the Policy on Government Security. In addition, it provides guiding principles to sound information and technology management practices across government. These principles also serve to support individuals and employees in exercising their rights and performing their duties.
2.4 This framework is part of an integrated and consistent approach to public service management. As such, it shows its alignment and relationships with key policy frameworks and legislation.
3.1 The management of information and associated technologies is guided by a commitment to the following principles:
Information under the control of federal departments both records government actions and also preserves Canadian history. Information supports public reporting, sound planning, and decision making for current and future governments. Because information is a valuable asset, it must be treated as such and that is a responsibility of all employees.
Efficient, effective, and innovative information technology (IT) is a key enabler to achieving well-managed information in support of policies, programs, and services.
Information must be rigorously managed throughout its life cycle, regardless of medium or format, for as long as it is required by departments to meet their operational and fiscal responsibilities, legal obligations, and accountabilities. This means ensuring that strategies are in place to ensure that information is current, complete, and accurate. IT is a key enabler and must also be well managed within a strict business case and project management discipline. Sound stewardship means that business needs determine information needs and associated processes, application, and IT.
A whole-of-government approach means working across departmental and jurisdictional boundaries to provide, within legislated parameters, timely access to seamless and integrated information. It means setting government-wide framework and policy, standards, guidelines, practices, and tools to ensure the quality of information and integration. Efficient integration is achieved when business, information, and technology are reliable and interoperable. It means standardizing information sources of common data, reusing information and technology solutions to eliminate duplication and redundancy, maximizing investments, and minimizing costs, while respecting the privacy rights of those individuals accessing government services. Above all, a whole-of-government approach means that, while individuals interact with many different organizations, their experience is with the Government of Canada.
Access and privacy
Respect for individual privacy applies across the information life cycle in accordance with the Privacy Act. Respecting privacy means limiting government interventions into the private lives of Canadians to lawful and necessary purposes and ensuring adequate protection of personal information in accordance with applicable legislation. IT is not only a key enabler to achieve well-managed information, it is also an essential component in ensuring the protection of privacy.
Ensuring the confidentiality, integrity, and availability of information is essential to government decision making and the delivery of services. Effective security of information requires a systematic approach that identifies and categorizes information and associated assets, assesses risks to them, and implements appropriate personnel, physical, and IT safeguards.
Employees document actions and decisions in support of government programs and activities, and maintain information so that it is accessible to anyone who is authorized to have access, including those individuals exercising their rights to access information under the Access to Information Act and the Privacy Act. Managing information to support transparency and accountability also means reporting on performance in ways that are clear to Canadians and Parliament.
The delivery of information and technology services to the public and to employees in both official languages reflects values of equality and respect. The delivery of quality services to the public and employees is guided by the principle of institutional bilingualism that is also expressed in a work environment conducive to the use of both official languages in bilingual regions in accordance with the Official Languages Act and associated policy instruments.
4. Roles, responsibilities, and accountabilities
4.1 Deputy heads are responsible for:
4.1.1 effective management of information and technology throughout their departments;
4.1.2 the sound implementation of investment decisions in the management of information and technology; and
4.1.3 the ongoing performance measurement of the management of information and technology.
4.2 The Treasury Board of Canada Secretariat is responsible for developing directives, standards, guidelines, and tools to aid departments in implementing the policies under this framework.
4.3 The Government of Canada's Chief Information Officer has the responsibility for leading the government-wide pursuit of excellence in service delivery and in the management of information and technology for Canada.
5. Relationship to other Treasury Board frameworks
5.1 The Policy Framework for Information and Technology and its supporting policy instruments have been designed to function in an integrated manner with other policy frameworks and, as such, contribute to the overall management of the government.
5.2 Principles of management of information, technology, privacy, and access cut across all Treasury Board policy frameworks. This framework has relationships with other Treasury Board policies in the following areas:
- government security;
- management, resources, and results structure;
- financial systems;
- financial information and reporting;
- management of projects;
- investment planning; and
- official languages.
6. Monitoring, reporting, and performance assessment
6.1 Specific performance indicators, monitoring, and reporting requirements are described in the individual policies and policy instruments that support this framework.
6.2 The Treasury Board of Canada Secretariat will use information gathered through policy monitoring and reporting, and other assessment activities to evaluate the performance of individual departments and the overall state of information and technology management in the Government of Canada.
6.3 The Foundation Framework for Treasury Board Policies includes additional information on reporting and oversight of Treasury Board policies.
7.1 The Foundation Framework for Treasury Board Policies explains the role and application of consequences with respect to Treasury Board policies. Specific consequences for non-compliance are outlined in the individual policies and policy instruments associated with this framework.
The Treasury Board of Canada Secretariat is responsible for the policy instruments supporting this policy framework.
Please direct any enquiries to:
Chief Information Officer Branch
Treasury Board of Canada Secretariat
Ottawa ON K1A 0R5
Appendix A: Definitions
- Information management (gestion de l'information)
- A discipline that directs and supports effective and efficient management of information in an organization, from planning and systems development to disposal or long-term preservation.
- Information technology (technologie de l'information)
- Includes any equipment or system that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. It includes all matters concerned with the design, development, installation, and implementation of information systems and applications to meet business requirements.
- Department (ministère)
- A federal entity as defined in section 2 of the Financial Administration Act unless excluded by specific acts, regulations, or Orders in Council.