Find an IM/IT Guideline, Specification or Policy
Last updated on September 6, 2024Updated: September 5, 2024
Here you can find the current version of each IMIT Guideline or Policy. These apply to all ministries and provincial agencies.
Gaps in numbering is because some become obsolete or been moved. More detail can be found in the detail column or contact us for more information.
***NOTE: Contact email changed to: CITZAS@gov.bc.ca
| # | Standard | Description | Applies to | Detail |
|---|---|---|---|---|
| 1.02 | Guidelines on the Use of Open Source Software |
Guidelines to help inform decision makers when the use of Open Source Software packages are being considered |
Ministries and Agencies when considering the procurement of software for the Province of British Columbia |
2. Software Development
| # | Standard | Description | Applies to | Detail |
|---|---|---|---|---|
| 2.02 | REST API Development Guidelines |
Guidelines on the use of a specific software architecture style (REST) for public facing Application Programming Interfaces |
All public facing application software programming interfaces |
3. Information Management
| # | Standard | Description | Applies to | Detail |
|---|---|---|---|---|
| 3.02 | Guidelines for Best Practices in Data Management – Roles and Responsibilities |
Guidelines to outline the roles and responsibilities described here which reflect best practices for data management within the Province of British Columbia. From a business context, these concepts provide foundational support for improving information access and sharing both internally within government and to the public |
Management of data sets | |
| 3.11 | Guidelines to the Core Administrative and Descriptive Metadata Guidelines | Guidelines to support the standard which specifies nine core metadata elements that should be adapted and incorporated into metadata that is currently in use in systems that manage digital government information | Applies to Ministries, agencies, boards, and commissions that are subject to the Core Policy and Procedures Manual should apply the Standard to digital government information | |
| 3.12 | Gender and Sex Data Standard Guidelines | These Guidelines should be used in conjunction with the Gender and Sex Data Standard (the Standard), provide background on the Standard, and elaborate on its usage. For any discrepancies between the Standard and these Guidelines, the Standard is the authoritative document. | Ministries, agencies, boards, and commissions that are subject to the Core Policy and Procedures Manual (CPPM) should apply the Standard and these accompanying Guidelines to government information that is collected, recorded and/or used. |
4. Identity Management
5. IT Management
| Standard | Description | Applies to | Detail | |
|---|---|---|---|---|
| 5.08 | Network to Network Connectivity Specifications | Supplement to the Network to Network Connectivity Standard | All network-to-network connections between SPAN/BC and external networks | |
| 5.11 | Critical Systems Guidelines |
Supplement to the Critical Systems Standard |
Any system deemed critical |
6. IT Security
| # | Standard | Description | Applies to |
Detail |
|---|---|---|---|---|
| 6.11 | Security Threat and Risk Assessment Specifications |
Supplement to the Security Threat Risk Assessment standard |
Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.14 | Application and Web Security Specifications | Supplement to the Application and Web Security Standard | Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
|
6.15 |
Mobile Device Management Security Specifications |
Supplement to the Mobile Device Security standard |
Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.16 | Database Security Specifications | Specifications for the protection of databases | Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.19 | Information Security Specifications |
This document provides a structured approach to identifying the broad spectrum of information security activities in the life-cycle of information systems |
Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.23 | Asset Management Security Guidelines |
This document provides detailed security specifications to support the standard. Both the standard requirements and these specifications MUST be followed. |
Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.27 | Operations Security Specifications | This standard provides specifications Operations Security related information security activities | Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.28 | Network and Communications Security Specifications | This document provides detailed security specifications to the Network and Communication Security Standard | Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.29 | Systems Acquisition, Development, and Maintenance Security Specifications | This document provides detailed security specifications to support the standard | Applies to all of core government and to all contracted service providers conducting business on behalf of government | |
| 6.31 | Cybersecurity Incident Management Standard Specifications | This document provides detailed security specifications to support the standard. Both the standard requirements and these specifications MUST be followed. | Applies to all of core government and to all contracted service providers conducting business on behalf of government |