G-1.03 - Act respecting the governance and management of the information resources of public bodies and government enterprises

Full text
12.7. A deputy chief information security officer assumes the following responsibilities with respect to the public bodies to which the deputy is attached:
(1)  supporting the government chief information security officer in taking responsibility for government action with respect to information security;
(2)  applying, under the direction of the government chief information security officer, the standards, directives, rules or application instructions related to information security made under this Act;
(3)  ensuring the protection of information resources and information, in particular by managing risks and vulnerabilities and by implementing measures to provide protection against any form of breach such as threats or cyber attacks;
(4)  taking any action required in the event of a breach of the protection of information resources and information;
(5)  making specific application instructions with respect to information security for those bodies;
(6)  overseeing the implementation of the information security obligations under this Act, seeing to compliance with those obligations and evaluating the measures taken by those bodies in that area; and
(7)  reporting on his or her management to the government chief information security officer and sending that officer any information required, according to the procedure determined by the Minister.
If the provisions of an application instruction of the government chief information security officer made under paragraph 4 of section 12.6 are incompatible with the provisions of an application instruction of the deputy chief information security officer made under subparagraph 5 of the first paragraph concerning the same object, the provisions of the former prevail.
2021, c. 22, s. 7; 2021, c. 33, s. 31.
12.7. A deputy chief information security officer assumes the following responsibilities with respect to the public bodies to which the deputy is attached:
(1)  supporting the government chief information security officer in taking responsibility for government action with respect to information security;
(2)  applying, under the direction of the government chief information security officer, the standards, directives, rules or application instructions related to information security made under this Act;
(3)  ensuring the protection of information resources and information, in particular by managing risks and vulnerabilities and by implementing measures to provide protection against any form of breach such as threats or cyber attacks;
(4)  taking any action required in the event of a breach of the protection of information resources and information;
(5)  making specific application instructions with respect to information security for those bodies;
(6)  overseeing the implementation of the information security obligations under this Act, seeing to compliance with those obligations and evaluating the measures taken by those bodies in that area; and
(7)  reporting on his or her management to the government chief information security officer and sending that officer any information required, according to the procedure determined by the Chair of the Conseil du trésor.
If the provisions of an application instruction of the government chief information security officer made under paragraph 4 of section 12.6 are incompatible with the provisions of an application instruction of the deputy chief information security officer made under subparagraph 5 of the first paragraph concerning the same object, the provisions of the former prevail.
2021, c. 22, s. 7.