Security Schedule

Last updated on February 21, 2025

Security Schedule - Cloud Security

The Security Schedule outlines the security requirements that a Contractor must adhere to safeguard B.C. government systems and information. It defines the minimum security controls for information classified as ‘Protected B’ or lower (refer to IMIT 6.18 Information Security Classification Standard) and for systems that are not critical to government service delivery (see IMIT 5.10 Critical Systems Standard).

The Security Schedule must always be attached to a contract. Any changes must be reviewed and approved by both the Ministry Legal Counsel and the Ministry Information Security Officer (MISO), or by Office of the Chief Information Officer (OCIO) Cybersecurity and Digital Trust (CDT) if the contract is for shared services.

The latest version of the Security Schedule can be found in the following contract templates:

Information Technology and Management Consulting Professional Services Agreement (IT/MC-GSA)
Financial Review and Assurance Services Agreement (FRASA)
General Service Agreement (GSA)

For more information on how to use the Security Schedule: Security Schedule Guide.docx

If you have any questions about Security Schedule or how to use it, please reach out to ociosecurity@gov.bc.ca.

Did you find what you were looking for?

The B.C. Public Service acknowledges the territories of First Nations around B.C. and is grateful to carry out our work on these lands. We acknowledge the rights, interests, priorities, and concerns of all Indigenous Peoples - First Nations, Métis, and Inuit - respecting and acknowledging their distinct cultures, histories, rights, laws, and governments.

More topics

Security Schedule

Security Schedule - Cloud Security