Summary of 910 - IT Security Risk Management Boot Camp

Course Description

All Government of Canada (GC) departments and agencies transmitting, storing or processing sensitive government information must be protected by systems that have been developed, acquired and evaluated according to recognized standards and implemented in accordance with GC policies and directives.

This boot camp will provide participants with the overall concepts of IT security risk management for the GC and the foundational knowledge and guidelines needed to contribute to the development of security control profiles. It will also highlight the integration of IT security risk management within the System Development Lifecycle (SDLC) as described in ITSG-33.

This boot camp consists of the following foundational courses:

  • 104 – IT Security Risk Management: A Lifecycle Approach (ITSG-33)
  • 105 – Information System Security Implementation Process (ISSIP)*
  • 701 – IT Security Risk Management and Security Control Profiles*

 * Courses 105 and 701 are no longer offered on our public schedule.

Course Objectives

This course will provide you with a high-level appreciation of the key concepts and processes of cross domain solutions. It will help you plan and understand the business requirements for cross domains solutions when the need arises for information sharing between security domains.

  • Apply IT security risk management within the GC context
  • Identify the initial steps to integrating risk management guidance within your department
  • Describe the ISSIP and why it is required
  • Situate the ISSIP within the ITSG-33 security risk management process
  • Describe all the ISSIP activities
  • Complete key ISSIP activities
  • Interpret departmental threat & risk assessments
  • Identify business domains
  • Define IT security approaches
  • Identify relevant common criteria
  • Develop departmental security control profiles




4 days

Delivery Method

In-class:  four straight days, usually from Monday to Thursday.
WEBEX (virtual): four straight days, usually from Monday to Thursday.

Target Audience

Project/Program Managers, IT Security Designers, Architects, Engineers and Managers


Course 601 – Introduction to IT Security Management [e-learning]

Report a problem on this page
Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: