Embed Size (px)
Citation preview
TRA-1 Harmonized Threat and Risk Assessment Methodology
Appendix F-2 - Safeguard Listing
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected Threats
Mitigated Reference(s)AVal T V C A I
Security Program GSP 10.1 Roles and Responsibilities Executives √ √ All √ √ √ All MITS 9.2 Program Managers √ √ All √ √ √ All MITS 9.6 Project Managers √ √ All √ √ √ All MITS 9.6 & 9.10 Chief Information Officer √ √ All √ √ √ All MITS 9.4 Employees √ All √ √ √ All MITS 9.8 DSO √ All √ √ √ All GSP 10.1 & MITS 9.3 IT Security Coordinator √ I, T, S √ √ √ All MITS 9.1 COMSEC Custodian √ I √ √ E, C, A MITS 9.9 BCP Coordinator √ All √ S, T, C, A, N MITS 9.5 Human Resources Effective Establishment √ All √ √ √ All Classification Levels √ All √ √ √ All Financial Resources Departmental Operations √ All √ √ √ All Projects √ All √ √ √ All MITS 9.2 Security Policy/Procedures Sharing Information/Assets √ √ I, T, F, S √ √ √ E, S, C, A GSP 10.2 Contracting √ √ I, S √ √ √ E, S, C GSP 10.4 Security Awareness/Training √ All √ √ √ All GSP 10.5 Identification of Assets √ √ I √ √ √ All GSP 10.6 Security Risk Management √ All √ √ √ All GSP 10.7
Access Limitations √ All √ √ √ E, S, s, T, C, A GSP 10.8
Security Screening √ All √ √ √ E, S, s, T, C, A GSP 10.9
Protection of Employees √ P √ S, s, T,C, A, N GSP 10.10 Physical Security √ All √ √ √ All GSP 10.11
IT Security √ I, T, S √ √ √ AllGSP 10.12, MITS 10,MG-01 Appendix C
& MG-09 5 Security in Emergencies √ All √ √ √ S, T, A, N GSP 10.13 Business Continuity Planning √ All √ S, T, C, A, N GSP 10.14 Security Program Audit √ All √ √ √ All GSP 11 Investigation of Incidents √ All √ √ √ All GSP 10.15
Sanctions √ √ All √ √ √ E, S, s, T, C, A GSP 10.16
Sharing Information/Assets GSP 10.2 Information Arrangements √ √ I, S √ √ √ E, S, C, A Facilities G1-027
Appendix F-2 F2-1 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected
Threats Mitigated Reference(s)
AVal T V C A I Arrangements √ √ F, S √ √ √ E, S, C, A IT Infrastructure MITS 12.10
Arrangements √ √ I, T, S √ √ √ E, S, C, A
Security Outside Canada GSP 10.3 Special Standards TRAs by Location √ All √ √ √ All Travel Restrictions By Location √ √ P, I √ √ E, T, C, N DFAITContracting GSP 10.4, SCM & ISM Roles and Responsibilities SCM 4-6 Project/Technical Authority √ I √ E, S, C SRCL √ √ I √ E, C SCM 7 Facility Security Clearance SCM 8 Personnel Assigned √ √ I √ E, C Document Safeguarding √ I √ E, C International Contracts √ I √ E, S, C SCM 10
Security Awareness/Training
GSP 10.5,MITS 12.12-12.13,MG-01 Appendix F,MG-09 13 & G1-030
Roles and Responsibilities STA 3
Training/Awareness Officer √ √ √ All √ √ √ E, S, s, T, C, A
Security Training STA 4.1
Security Practitioners √ √ √ All √ √ √ E, S, s, T, C, A
Security Awareness STA 4.2
Initial Briefings √ √ √ All √ √ √ E, S, s, T, C, A STA 4.3
Regular Updates √ √ √ All √ √ √ E, S, s, T, C, A STA 8
Identification of Assets GSP 10.6 & IoA Confidentiality IoA 6.5 Categorization: Classified √ √ I √ E, C Marking: Classified √ I √ E, C IoA 7.1 & MG-09 14.5 Categorization: Protected √ √ I √ E, C Marking: Protected √ I √ E, C IoA 7.1 & MG-09 14.5 Availability IoA 6.6 Categorization √ √ All √ S, T, C, A, N Marking √ All √ S, T, C, A, N Integrity IoA 6.7 Categorization √ √ I √ S, s, C, A Marking √ I √ S, s, C, ASecurity Risk Management GSP 10.7 & SRM TRAs SRM 6 & MG-09 7 Initial Assessment √ √ All √ √ √ All Continuous Monitoring √ √ All √ √ √ AllAccess Limitations GSP 10.8
Appendix F-2 F2-2 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected
Threats Mitigated Reference(s)
AVal T V C A I Classified/Protected Assets Need to Know √ √ I √ E, C
Security Screening √ √ All √ √ √ E, S, s, T, C, A
Availability/Integrity
Separation of Duties √ √ √ All √ √ √ S, s, T, C, A
Security Screening GSP 10.9 & SS Reliability Status SS 7
Establishing Requirements √ All √ √ √ E, S, s, T, C, A
Initial Screening √ √ All √ √ √ E, S, s, T, C, A
Evaluating Results √ √ All √ √ √ E, S, s, T, C, A
Regular Updating √ √ All √ √ √ E, S, s, T, C, A
Review for Cause √ √ All √ √ √ E, S, s, T, C, A
Revocation √ √ All √ √ √ E, S, s, T, C, A
Release Procedures √ √ All √ √ √ E, S, s, T, C, A
Security Clearance SS 9-10 Establishing Requirements √ √ I √ E, C Initial Screening √ √ I √ E, C Evaluating Results √ √ I √ E, C Regular Updating √ √ I √ E, C Review for Cause √ √ I √ E, C Revocation/Downgrading √ √ I √ E, C Release Procedures √ √ I √ E, C Site Access Clearance SS 10.2 Establishing Requirements √ √ I √ E, C Initial Screening √ √ I √ E, C Evaluating Results √ √ I √ E, C Regular Updating √ √ I √ E, C Review for Cause √ √ I √ E, C Revocation √ √ I √ E, C Release Procedures √ √ I √ E, CProtection of Employees GSP 10.10, OSHP Identify Employees at Risk
TRA √ P √ S, s, T, C, A, N
Management Response
Protective Measures √ P √ S, s, T, C, A, N
Support Mechanisms √ P √ S, s, T, C, A, N
Appendix F-2 F2-3 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected
Threats Mitigated Reference(s)
AVal T V C A I
Training and Counselling √ P √ S, s, T, C, A, N
Incident Management
Incident Reporting √ P √ S, s, T, C, A, N
Incident Investigation √ P √ S, s, T, C, A, N
Remedial Action √ P √ S, s, T, C, A, N
Physical Security GSP 10.11 & PS Planning Factors G1-005 Building Codes √ All √ √ √ All G1-010 Security Zones √ All √ √ √ E, S, s, T, C PS, 6.2 & G1-026 Site Selection PS 7 Easements Through Site √ √ All √ E, S, s, T, C Emergency Lanes √ All √ All Building Location/Topography √ √ All √ All Emergency Services √ All √ All Adjacent Occupants √ √ All √ √ √ E, S, C Perimeter Security PS 7.3 Control of Site Perimeter √ √ All √ √ √ E, S, s, T, C
Illumination of Site √ √ All √ √ √ E, S, s, T, C, A G1-002
Exterior Signs √ √ All √ √ √ E, S, s, T, C, A
Landscape Design √ √ All √ √ √ E, S, s, T, C, A
Parking √ √ All √ √ √ E, S, s, T, C, A
Entry Security PS 7.4 Pedestrian Entrances/Lobbies √ All √ √ √ E, S, s, T, C G1-017 & G1-018 Service/Utility Openings √ All √ √ √ E, S, s, T, C Shipping/Receiving Areas √ All √ √ √ E, S, s, T, C G1-015 Interior Security Planning √ PS 7.5 Circulation Routes √ P, F √ S, s, T, C, A Elevator Lobbies √ P √ S, s, T, C Daycare Centres √ P √ S, T, C, A Conference Rooms/Boardrooms √ P, I √ √ E, S, s, T, C Stairwells/Elevators √ P √ S, s, T, C Washrooms √ P √ S, s, T, C Amenity Spaces √ P √ S, s, T, C Mailrooms √ P, I, F √ √ E, S, s, T, C Telecommunications/Wiring √ I √ √ √ E, S, T, C, A HVAC Spaces √ F √ S, s, T, C, A
Server Rooms √ I, T, S √ √ √ E, S, s, T, C, A G1-031
Access Controls PS 7.6 & G1-025 Identification Cards √ All √ √ √ E, S, s, T, C G1-005
Appendix F-2 F2-4 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected
Threats Mitigated Reference(s)
AVal T V C A I Electronic Access Controls √ All √ √ √ E, S, s, T, C Electronic Intrusion Detection √ √ All √ √ √ E, S, s, T, C
Closed Circuit Video Equipment √ √ All √ √ √ E, S, s, T, C, A
Security Control Centre √ All √ √ √ All G1-013 Sensitive Discussion Areas √ I √ E, C G1-004 Secure Rooms √ I √ √ √ E, S, s, T, C G1-029 Security Guards √ √ All √ √ √ All G1-008 Facility Management PS 7.7 & G1-027
Leasing Contracts √ √ All √ √ √ E, S, s, T, C, A
Maintenance Services √ All √ √ √ E, S, s, T, C, A
Cleaning Services √ All √ √ √ E, S, s, T, C, A
Interior Signs √ All √ √ √ E, S, s, T, C, A
Locking Hardware/Key Control √ All √ √ √ E, S, s, T, C G1-007 & G1-016 Renovation Work √ All √ √ √ All Facility Security Committee √ √ All √ √ √ All Secure Storage PS 8 Security Containers √ I √ √ √ E, C G1-001 Keys/Combinations √ I √ √ √ E, S, T, C G1-007 & G1-016 Maintenance of Containers √ I √ √ √ E, S, T, C Disposal of Containers √ I √ E, C Secure Rooms/Vaults √ I √ √ √ E, C G1-019 & G1-029 Transport/Transmittal PS 9 & G1-009 Transport √ √ I √ √ E, C Transmittal √ √ I √ √ E, C Destruction PS 10 Storage Pending Disposal √ I √ E, C, A Destruction Equipment: Paper √ I √ E, C, A
Destruction Equipment: IT Media √ I √ E, C, A MITS 16.2, DSX-G , G2-003 & ITSG-06
Equipment Marking √ I √ E, C, A Equipment Maintenance √ I √ E, C Contracted Services √ I √ E, C Emergency Destruction √ I √ E, CIT Security GSP 10.12 & MITS Management Controls
System Development Life Cycle √ √ I, T, S √ √ √ All MITS 12.1, MG-02, MG-09 8 & ITSA-09
IT Security Resources for Projects √ I, T, S √ √ √ All MITS 11
Certification and Accreditation √ √ √ I, T, S √ √ √ All MITS 12.2.3 & MG-04 Contracting √ I, T, S √ √ √ E, S, C MITS 12.7 Outsourcing √ I, T, S √ √ √ E, S, C Physical and Personnel Security G2-002
Appendix F-2 F2-5 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected
Threats Mitigated Reference(s)
AVal T V C A I Physical Security √ I, T, S √ √ √ All G1-031 & MITS 16.1
Personnel Security √ √ I, T, S √ √ √ E, S, s, T, C, A MITS 16.3
Technical Safeguards Evaluated Products √ I, T, S √ √ √ All MITS 16.4.1
Identification and Authentication √ I, T, S √ √ √ E, S, s, T, C, A
MITS 16.4.2,MG-09 16 & R2-001
Authorization/Access Control √ I, T, S √ √ √ E, S, s, T, C, A
MITS 16.4.3& MG-09 17
Cryptography √ I √ √ E, C
MITS 16.4.4, ITSD-01 Annex C, ITSB-013,ITSG-10, ITSG-13
& MG-09 19 Public Key Infrastructure (PKI) √ I, S √ √ √ E, C MITS 16.4.5
Perimeter Defence √ I, T, S √ √ √ E, S, s, T, C MITS 16.4.6, ITSD-02,MG-01 &
Mobile Computing/Telework √ √ I, T, S √ √ √ E, S, s, T, C, A
MITS 16.4.7& ITSPSR-14
Wireless Devices √ √ I, S √ √ √ E, S, s, T, C, A
MITS 16.4.8, ITSB-02,ITSB-03, ITSB-06, ITSB-12, ITSB-15,ITSB-19, ITSB-29,
ITSPSR-16, ITSPSR-17
ITSPSR-18, ITSPSR-21
Emanations Security √ I √ E MITS 16.4.9, ITSD Annex E & ITSB-18
Telecommunications Cabling √ I, S √ √ E MITS 16.4.10
Software Integrity √ I, T, S √ √ √ E, S, s, T, C, A MITS 16.4.11
Software Security Configuration √ I √ √ √ E, S, s, T, CMITS 16.4.11,
G2-004, G2-005,ITSPSR-19 & ITSG-20
Technical Safeguards (continued)
Malicious Code Protection √ I, S √ √ E, S, s, T, C MITS 16.4.12& R2-002
Intrusion Detection √ I, S √ √ √ E, S, s, T, C MITS 17-18
Backup/Recovery √ I, T, S √ S, s, T, C, A, N
MITS 18.5, ITSB-09MG-01 Appendix E& MG-09 11 & 14.4
Operational Safeguards
Help Desk/Problem Resolution √ I, T, S √ √ √ All MITS 14.2& MG-09 14.1
Incident Management √ I, T, S √ √ √ All MITS 12.4 & 18,MG-09 12 & ITSA-10
Vulnerability Assessments √ I, T, S √ √ √ E, S, s, C MITS 12.5 Patch Management √ I, T, S √ √ √ E, S, s, C, A MITS 12.5.2 IT Continuity Planning √ I, T, S √ S, T, A, N MITS 12.8
Appendix F-2 F2-6 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Safeguard Class Safeguard Group Safeguard
Impact AssetsProtected
ValuesProtected
Threats Mitigated Reference(s)
AVal T V C A I
IT Security Assessment/Audit √ I, T, S √ √ √ All MITS 12.11& MG-09 18
Configuration Management √ I, T, S √ √ √ All MITS 14.1& MG-09 14.3
Change Control √ I, T, S √ √ √ All MITS 14.1 Capacity Planning √ I, T, S √ S, A MITS 14.3 Hardware Maintenance √ I, T, S √ √ √ A MG-09 14.7 Environmental Protection √ I, T, S √ A, N Power Conditioning/Backup √ I, T, S √ S, T, A, NSecurity in Emergencies GSP 10.13 & RL Plans and Procedures Departmental Plans √ √ All √ S, T, A, N Testing √ All √ S, T, A, N Coordination with Other Plans √ All √ S, T, A, N Resourcing for Sustainability √ All √ S, T, A, NBusiness Continuity Planning GSP 10.14 & BCP Governance Structure BCP 3.1 & BCPTD 3 Authorities √ All √ S, T, C, A, N Responsibilities √ All √ S, T, C, A, N Business Impact Analysis √ All √ S, T, C, A, N BCP 3.2 & BCPTD 4 Plans/Arrangements √ All √ S, T, C, A, N BCP 3.3 & BCPTD 5 BCP Program Readiness √ All √ S, T, C, A, N BCP 3.4 & BCPTD 6 Review, Testing and Audit √ All √ S, T, C, A, N BCP 3.4 & BCPTD 6Investigation of Incidents GSP 10.15 & SIS Incident Investigation √ All √ √ √ All Incident Reporting √ All √ √ √ AllSanctions GSP 10.16 & SIS
Security Violations √ √ All √ √ √ E, S, s, T, C, A
Security Breaches √ √ All √ √ √ E, S, s, T, C, A
Appendix F-2 F2-7 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
Notes:1. To help with the selection of suitable security measures, the Safeguard Listing provides a
general indication of the risk variables affected by each countermeasure and some useful references as follows:o Column 1 lists Safeguards within Safeguard Groups and Safeguard Classes;o Columns 2-4 indicate which of the three risk variables might be lowered by the
safeguard, asset values (AVal), threats (T) or, most frequently, vulnerabilities (V); o Column 5 identifies which classes or categories of assets might be protected by the
safeguard, namely personnel (P), information (I), IT systems (T), facilities (F), services (S) or intangible assets (i);
o Columns 6-8 suggest which asset values might be protected by the safeguard, specifically confidentiality (C), Availability (A) or integrity (I);
o Column 9 points to some of the threat activities or classes mitigated by each safeguard, such as espionage (E), sabotage (S), subversion (s), terrorism (T), criminal acts (C), accidents (A) and natural hazards (N); and
o Column 10 provides some references to the GSP, Operational Security Standards and technical documentation that describe the safeguard and its intended use. The entries are keyed to the titles listed below, and some contain pointers to specific sections of the cited reference. For example, GSP 10.1 refers to section 10.1 of the GSP while BCPTD 3 indicates section 3 of the BCP Technical Documentation issued by PSEPC. Sources for this documentation may be found in Appendix G-3, References.
GSP – Government Security Policy. OSHP – Occupational Safety and Health Policy. Operational Security Standards –
BCP – Business Continuity Planning (BCP) Program, IoA – Identification of Assets, MITS – Management of Information Technology Security, PS – Physical Security, RL – Readiness Levels for Federal Government Facilities, SCM – Security in Contracting Management, SIS – Security Investigations and Sanctions, SS – Security Screening, STA – Security Training and Awareness,
CSE IT Security Alerts, Bulletins, Directives and Guidelines – ITSA-09 – COMSEC Equipment Disposal. ITSA-10 – COMSEC Incident Reporting. ITSB-02 – Government of Canada Wireless Vulnerability Assessment. ITSB-03 – Trends in Wireless Technology and Security. ITSB-06 – CSE Approves Secure BlackBerry. ITSB-09 – STU-III Operation during a Power Outage. ITSB-12 – Procurement of the Blackberry Security Module. ITSB-13 – Key Ordering for STE. ITSB-15 – Security Vulnerability - Wireless Local Area Network (WLAN)
Capable Laptops.
Appendix F-2 F2-8 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
ITSB-18 – NATO Recommended Products List (NRPL) - TEMPEST Approved Products.
ITSB-19 – Security Measures - Wireless Electronic Devices. ITSB-29 – SECTERA Global System for Mobile Communication Security
Module (SGSM) Wireless Standing Offer. ITSD-01 – Directives for the Application of Communications Security in the
Government of Canada. ITSD-02 – IT Security Zones Baseline Security Requirements. ITSG-06 – Clearing and Declassifying Electronic Data Storage Devices. ITSG-10 – COMSEC Material Control Manual. ITSG-13 – Cryptographic Key Ordering Manual. ITSG-20 – Windows Server 2003 Recommended Baseline Security. ITSPSR-14 – Telework Project. ITSPSR-16 – Personal Communications Services (PCS) and Cellular System
Vulnerability Assessment. ITSPSR-17 – Bluetooth Vulnerability Assessment. ITSPSR-18 – Personal Digital Assistant Vulnerability Assessment. ITSPSR-19 – Windows 2000 Pro and Windows XP Pro Recommended
Baseline Security. ITSPSR-21 – 802.11 Wireless LAN Vulnerability Assessment. MG-1 – Network Security, Analysis and Implementation. MG-2 – A Guide to Security Risk Management for Information Technology
Systems. MG-4 – A Guide to Certification and Accreditation for Information
Technology Systems. MG-9 – Canadian Handbook on Information Technology Security.
DFAIT – Foreign Affairs Travel Warnings. Public Safety and Emergency Preparedness Canada –
BCPTD – Business Continuity Planning Program Technical Documentation. Public Works and Government Services Canada –
ISM – Industrial Security Manual. RCMP Physical Security and IT Security Guides, Bulletins and Reports –
G1-001 – Security Equipment Guide, G1-002 – Security Lighting, G1-003 – Glazing, G1-004 – Construction of Special Discussion Areas, G1-005 – Preparation of Physical Security Briefs, G1-006 – Identification Cards/Access Badges, G1-007 – Security Sealing of Building Emergency/Master Keys or Cypher
Lock Codes, G1-008 – Guidelines for Guard Services, G1-009 – Standard for the Transport and Transmittal of Sensitive Information
and Assets, G1-010 – Security Connotations of the 1995 National Building Code, G1-011 – Overhead Door Specifications, G1-013 – Security Control Room Space Requirements,
Appendix F-2 F2-9 2007-10-23Safeguard Listing
TRA-1 Harmonized Threat and Risk Assessment Methodology
G1-014 – Exterior Fixed Ladder Barrier Specification G1-015 – Entry Controls for Overhead Doors, G1-016 – Master Key Systems, G1-017 – Hardware, G1-018 – Doors and Frames, G1-019 – Vaults, G1-024 – Control of Access, G1-025 – Protection, Detection and Response, G1-026 – Application of Physical Security Zones, G1-027 – Tenant and Custodian Departments Physical Security
Responsibilities, G1-029 – Secure Rooms, G1-030 – Security Awareness Guide, G1-031 – Server Rooms. G2-002 – Guide to Minimizing Computer Theft, G2-003 – Hard Drive Secure Information Removal and Destruction
Guidelines, G2-004 – Windows 2000 Professional Advanced Security Configuration
Guide, G2-005 – Windows 2000 Active Directory Security Configuration Guide, B2-001 – Suggested DSX Replacement Products, R2-001 – Biometric Technologies, R2-002 – Future Trends in Malicious Code, DSX-G – RCMP Hard Disk Overwrite Software (DSX) User Manual.
2. The Safeguard Listing should be employed with caution for it cannot be complete and there are exceptions to many entries. It is intended, however, to provide a useful point of departure for analysis during the safeguard selection process in the Recommendations Phase of a TRA project. With that in mind, other material will be added from time to time. Any suggestions for further references may be submitted to the offices identified in the Foreword.
Appendix F-2 F2-10 2007-10-23Safeguard Listing
