Corporate Audit of Security
Final Summary Report

4.0 OVERALL ASSESSMENT

Citizenship and Immigration Canada has implemented a security approach that largely reflects the requirements of the GSP. However, the security functions were not fully effective. They require more attention from senior management to define corporate level risks and provide appropriately sized budgets. This would provide a broad security framework for regions and sites to implement their own effective security programs.

CIC manages information in the course of conducting departmental business that is sensitive and frequently classified. There is a trend toward increased use of sensitive information in the normal course of business. This trend, combined with the general lack of attention to data sensitivity when assessing security requirements, increases the Department’s risk of inappropriate disclosure of information that should be protected.

The terrorist attacks of September 11, 2001, on the World Trade Centre changed the public’s view of the adequacy of security measures. The government of Canada implemented and financed new high-level security measures for most areas under federal responsibility and senior management of CIC have given greater attention to security.

<< Contents| Previous | Next >>

Need Help? Find answers in the Help Centre