A. Mandate

The Royal Canadian Mounted Police Information Technology Security Branch (ITSB) is part of the Technical Operations Directorate and is responsible, as mandated in Treasury Board policy, for the following aspects of information technology security:

1. In consultation with Treasury Board Secretariat(TBS) and Communications Security establishment (CSE), developing the operational standard on information technology security for the approval of Treasury Board, and advising on its application.
2. Developing, approving, and issuing particular technical documents on information technology security, and advising on their application.
3. Reviewing and advising on information technology security in departments, other than the Department of National Defence (DND), when requested.
4. Providing advice on threat and risk assessments, when requested.
5. Reviewing compliance with information technology security clauses in contracts, when requested by the contracting authority.
6. Carrying out specialized training on information technology security.
7. Providing technical assistance to investigations related to information technology.
8. Reporting to the Secretary of the Treasury Board on the state of information technology security in the government, when requested.

B. Organization

ITSB is organized on a functional basis. The major component is the Security Evaluation and Inspection Team (SEIT) which was formed in 1974, in response to a need for improved security at computer installations where federal government information is processed. SEIT is comprised of individuals from various fields of specialization. Members have broad backgrounds (academic and practical) in the areas of hardware, communications, software, operations, or the physical and personnel aspects of information technology (IT) security.

The Computer Investigative Support Unit (CISU) was established in 1988 to assist the RCMP and other police forces in the investigation of crimes involving computers.

The Counter Technical Intrusion Unit (CTIU) was formed in 1974 to ensure that certain areas or discussions are protected from technical attacks by clandestine information- gathering devices. CTIU personnel are qualified electronic technologists with comprehensive training in the field of eavesdropping.

C. Roles and Responsibilities

1. SEIT

The primary function of the Security Evaluation and Inspection Team is to advise federal government institutions on security concerns relative to the computer systems owned by, or operated on behalf of, the Government of Canada. This advice is provided through IT security reviews (comprehensive, follow-up, and consultative), which are conducted in accordance with the Security Policy of the Government of Canada (GSP), operational level standards, and the Technical Security Standard for Information Technology (TSSIT). These standards address the requirement to protect the confidentiality and integrity of information and the availability of services. SEIT reports to the Treasury Board Secretariat annually on the security status of each client institution.

In response to the rapidly increasing number of reported incidents of viruses affecting government computer systems, SEIT has established an incident-reporting line along with a virus help desk.

SEIT provides advice and guidance to government departments and agencies in the area of threat and risk assessment (TRA) through training, publications and assistance. SEIT also provides, on request, information for use in departmental TRAs to assess threats to IT assets.

Research projects are undertaken to review various available products and services applicable to IT security.

SEIT produces IT security publications, including the IT Security Bulletin, which addresses current IT security issues and is published three times per year.

SEIT offers IT security workshops and seminars each year. Regularly scheduled courses include:

• IT Security Workshop for LAN,
• IT Security Coordinator Workshop, and
• IT Threat and Risk Assessment Workshop.

Seminars are also held to deal with topics such as threat and risk assessments, contingency planning/disaster recovery, and viruses.

2. CISU

Duties performed by members of the Computer Investigative Support Unit relate directly to the RCMP's role in law enforcement in the area of crimes involving computers. They provide technical advice in preparation for computer searches, assist with the actual seizures of computer evidence, perform forensic analysis of seized computer hardware/software and give evidence in court.

3. CTIU

The Counter Technical Intrusion Unit's primary responsibility is carrying out technical inspection services (sweeps) for the federal government, for provincial and municipal governments in contract provinces and as assistance to other police forces. CTIU personnel also carry out technical evaluations in cases of theft of communications such as cellular telephone frauds, and appear in court as expert witnesses.

D. IT Security Reviews

SEIT conducts three types of reviews: comprehensive, follow-up and consultative.

1. Comprehensive

A SEIT comprehensive review typically covers the following seven areas of IT security:

• Organizational and Administrative Security,
• Personnel Security,
• Physical and Environmental Security,
• Hardware Security,
• Communications Security,
• Software Security, and
• Operations Security.

Each team member is assigned responsibility for one or more of these areas, and the comprehensive review is conducted through personal interviews and review of documentation. A post-review briefing of facility/institutional personnel includes presentation of draft recommendations. SEIT provides facility management with a report documenting the results of the review, highlighting security deficiencies, and offering recommendations and suggestions for raising the organization's security profile to an adequate level.

2. Follow-up

Within two months after the client institution's receipt of the comprehensive review report, SEIT contacts the institution regarding interpretation or clarification of the report. Within six months after receipt of the report, the institution submits an action plan specifying details for dealing with security weaknesses identified in the report. Subsequent follow-up reviews are intended to monitor and assist in the implementation of SEIT recommendations.

3. Consultative

Consultations are provided to assist an institution in preparing for a comprehensive review, to assist with implementation of SEIT recommendations or to review an organization's security status and advise on implementation of IT security standards and guidelines.

E. Information Contacts

1. For information on SEIT Reviews, contact:

Internet address: pteeple@seit.com

2. For information on workshops and courses, contact:

Internet address:dmarcotte@seit.com

3. For information on the VIRUS help desk, contact:

4. For information on counter technical intrusion inspections, contact:

5. If you wish to receive the IT Security Bulletin (HARDCOPY ONLY), which is free of charge, address your request to: