Skip Ribbon Commands
Skip to main content

Compliance Regulation

1.1.2 Standard on the Management of IT Security MITS

Assigned To



Part I - Introduction

1. Purpose

This standard defines baseline security requirements that federal departments must fulfill to ensure the security of information and information technology (IT) assets under their control. 

2. Scope and Application

The Government Security Policy states requirements for protecting government assets, including information, and directs the federal departments and agencies to which it applies to have an IT security strategy. The Policy on the Management of Government Information requires that departments protect information throughout its life cycle. This standard expands upon the requirements of both these policies. It also replaces the Information Technology Security Standard (1995), Chapter 2-3 of the Treasury Board Information and Administrative Management Security Manual.
The Government Security Policy defines IT security as the "safeguards to preserve the confidentiality, integrity, availability, intended use and value of electronically stored, processed or transmitted information." For the purposes of this standard, the term 'IT security' will also include the safeguards applied to the assets used to gather, process, receive, display, transmit, reconfigure, scan, store or destroy information electronically.



Standard on the Management of IT Security MITS


Created at 11/26/2013 1:39 AM by System Account
Last modified at 11/26/2013 1:39 AM by System Account