Find an IM/IT Guideline, Specification or Policy

Last updated on March 14, 2025

Find the current version of each IM/IT guideline, specification or policy, as well as other related standards. These apply to all ministries and provincial agencies.

Gaps in numbering may be present. Contact us for more information.

On this page

1. Appropriate Use

# Standard Description Applies to Detail
1.02 Guidelines on the Use of Open Source Software

Guidelines to help inform decision makers when the use of Open Source Software packages are being considered

Ministries and Agencies when considering the procurement of software for the Province of British Columbia

Guidelines

2. Software Development

# Standard Description Applies to Detail
2.02 REST API Development Guidelines

Guidelines on the use of a specific software architecture style (REST) for public facing Application Programming Interfaces

All public facing application software programming interfaces

Guidelines

3. Information Management

# Standard Description Applies to Detail
3.02 Guidelines for Best Practices in Data Management – Roles and Responsibilities

Guidelines to outline the roles and responsibilities described here which reflect best practices for data management within the Province of British Columbia. From a business context, these concepts provide foundational support for improving information access and sharing both internally within government and to the public

Management of data sets

Guidelines

3.11 Guidelines to the Core Administrative and Descriptive Metadata Guidelines Guidelines to support the standard which specifies nine core metadata elements that should be adapted and incorporated into metadata that is currently in use in systems that manage digital government information Ministries, agencies, boards and commissions that are subject to the Core Policy and Procedures Manual should apply the Standard to digital government information

Guidelines

Standard 3.11

3.12 Gender and Sex Data Standard Guidelines These Guidelines should be used in conjunction with the Gender and Sex Data Standard (the Standard), provide background on the Standard, and elaborate on its usage. For any discrepancies between the Standard and these Guidelines, the Standard is the authoritative document Ministries, agencies, boards and commissions that are subject to the Core Policy and Procedures Manual (CPPM) should apply the Standard and these accompanying Guidelines to government information that is collected, recorded and/or used

Guidelines

Standard 3.12

3.13 Guidelines to the Indigenous Languages Technology Standard   These guidelines outline how to support Indigenous languages in computer systems, complementing the material in the Indigenous Languages Technology Standard Ministries, agencies, boards and commissions that are subject to the Core Policy and Procedures Manual (CPPM) should apply the Standard and these accompanying Guidelines to ensure IM/IT systems can support Indigenous languages

Guidelines

Standard 3.13

4. Identity Management 

Review IM/IT Standards

5. IT Management 

  Standard Description Applies to Detail
5.08 Network to Network Connectivity Specifications Supplement to the Network to Network Connectivity Standard All network-to-network connections between SPAN/BC and external networks

Specifications

Standard 5.08

5.11 Critical Systems Guidelines

Supplement to the Critical Systems Standard

Any system deemed critical

Guidelines

Standard 5.10

6. IT Security 

# Standard Description Applies to

Detail

6.11 Security Threat and Risk Assessment Specifications

Supplement to the Security Threat Risk Assessment standard

Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.11

6.14 Application and Web Security Specifications Supplement to the Application and Web Security Standard Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.14

6.15

Mobile Device Management Security Specifications

Supplement to the Mobile Device Security standard

Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.15

6.16 Database Security Specifications Specifications for the protection of databases Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.16

6.19 Information Security Specifications

This document provides a structured approach to identifying the broad spectrum of information security activities in the life-cycle of information systems

Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.19

6.23 Asset Management Security Guidelines

This document provides detailed security specifications to support the Standard. Both the standard requirements and these specifications must be followed

Applies to all of core government and to all contracted service providers conducting business on behalf of government

Guidelines

Standard 6.23

6.27 Operations Security Specifications The Standard provides specifications for Operations Security related information security activities Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.27

6.28 Network and Communications Security Specifications This document provides detailed security specifications to the Network and Communication Security Standard Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.28

6.29 Systems Acquisition, Development and Maintenance Security Specifications This document provides detailed security specifications to support the standard Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.29

6.30 Supplier Relationships Security Specifications This document provides detailed security specifications to support the standard Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.30

6.31 Cybersecurity Incident Management Standard Specifications This document provides detailed security specifications to support the standard. Both the standard requirements and these specifications must be followed Applies to all of core government and to all contracted service providers conducting business on behalf of government

Specifications

Standard 6.31