12.6. The government chief information security officer assumes the following responsibilities:
(1) directing government action with respect to information security;
(2) recommending to the Conseil du trésor rules to ensure information security, including authentication and identification rules, and recommending to the Chair of the Conseil du trésor performance targets applicable to public bodies with respect to information security;
(3) establishing the government digital data security classification model based on the data’s nature, characteristics and use, and the rules governing them, and obtaining approval for the model from the Conseil du trésor;
(4) communicating expectations to public bodies with respect to information security and making application instructions for them;
(5) overseeing the implementation by public bodies of the information security obligations resulting from the application of this Act, seeing to compliance with those obligations and evaluating the measures taken by public bodies in that area;
(6) reporting to the Chair of the Conseil du trésor, according to the conditions and procedures determined by the latter, on performance target results as well as on compliance with obligations and making any necessary recommendation; and
(7) exercising any other function assigned by the Chair of the Conseil du trésor or by the Government.