Commissioner's Directive

Information Management

PURPOSE

  • To ensure the responsibilities, authorities and requirements for managing information under the control of the Correctional Service of Canada (CSC) are defined at all levels

APPLICATION

Applies to all employees and authorized users of information under the control of CSC

RESPONSIBILITIES

  1. The Chief Information Officer, as the delegated information management senior official, is responsible for ensuring the appropriate direction, processes and tools are in place to efficiently manage information under the control of the Correctional Service of Canada (CSC).
  2. The Director, Information Management, will:
    1. support CSC program leads in the fulfilment of their information management responsibilities
    2. provide leadership for the strategic planning, resourcing and implementation of information management activities, including training and development for employees
    3. facilitate the continued identification and maintenance of CSC information resources of business value (IRBV).
  3. Information management managers with regional and national oversight will serve as the authority for all information resources and the management of active, inactive and dormant administrative, operational and offender records.
  4. Information management functional specialists will provide information management guidance and support to CSC employees to address information life cycle requirements in the development and operation of business processes, systems, standards and tools that support business information requirements.
  5. All executives will:
    1. ensure effective information management governance and accountability structures are in place throughout their area of responsibility
    2. ensure information management requirements are addressed during strategic planning to support their information management/recordkeeping responsibilities
    3. authorize disposition of records under their area of responsibility in accordance with the Records Retention and Disposition Schedule.
  6. Managers will:
    1. ensure IRBV are identified, effectively organized, managed and stored in an official CSC physical or electronic repository and are aligned with the CSC Information Classification Plan
    2. ensure information management processes are followed throughout the information life cycle.
  7. All employees and authorized users of information under the control of CSC are responsible for managing the information they collect, create and use as a valuable asset in a manner consistent with Treasury Board Policy on Information Management , Directive on Information Management Roles and Responsibilities and Directive on Recordkeeping .

PROCEDURES

  1. The Information Management Division at National Headquarters or the Regional Headquarters area responsible for information management must be contacted when planning to:
    1. develop, modify or delete a program, service, business process, policy document or related activity
    2. develop or amend a CSC form or cancel its use
    3. use a new application, software or business system and/or upgrade or modify an existing one
    4. dispose of IRBV not included in the CSC Records Retention and Disposition Schedule
    5. request CSC specific information management/recordkeeping training for employees.

Protocol for Managing Information Resources of Business Value

  1. Mechanisms for the protection of CSC IRBV include the establishment and implementation of key methodologies and tools to support the CSC Information Management Program and meet the recordkeeping requirements throughout the information life cycle.
  2. All CSC authorized users of information are responsible for the life cycle management of IRBV under their responsibility, which includes:
    1. planning: anticipating the information needed and how it will be generated, used and managed to support programs, projects and services
    2. collection, creation, receipt and capture: identifying the information needed to support business needs and meet legislative or policy requirements as well as capturing decision making
    3. organization: identifying and using the pre-established classification standard (including the CSC naming convention) when saving electronic IRBV
    4. use and dissemination: maintaining a common business folder structure to organize and store/file as well as a mapping of what IRBV types are to be filed in what folders
    5. maintenance, protection and preservation: assigning levels of protection and marking, transmitting and storing information in accordance with CD 564 – Departmental Security and CD 564-2 – Departmental Physical Security
    6. disposition: retaining IRBV in accordance with CSC retention and disposal schedules and carrying out regular authorized disposition per established procedures
    7. evaluation: measuring the performance or progress against defined results and outcomes.
  3. Privacy and security requirements will be met by:
    1. ensuring IRBV are identified, effectively organized, managed and stored in an official CSC physical or electronic repository and are aligned with the CSC Information Classification Plan (CSC official file numbers) and in compliance with CD 564 – Departmental Security and CD 564-2 – Departmental Physical Security
    2. utilizing official information management/records management services to ensure the effective management and access to CSC IRBV throughout the information life cycle
    3. transferring inactive and/or dormant information resources to the custodianship of the Central Registry/Records Office
    4. regularly disposing of transitory information after it is no longer required.
  4. Information management functional specialists will be consulted:
    1. for all areas of information life cycle management
    2. when transferring a departing employee’s IRBV to the corporate repository.

Commissioner,

Original signed by:

Don Head


ANNEX A

CROSS-REFERENCES AND DEFINITIONS

CROSS-REFERENCES

CD 564 – Departmental Security
CD 564-2 – Departmental Physical Security

Access to Information Act
Copyright Act
Financial Administration Act
Library and Archives of Canada Act
Official Languages Act
Personal Information Protection and Electronic Documents Act(Part 2)
Privacy Act
Privacy Regulations
Security of Information Act

Treasury Board Directive on Management of Information Technology
Treasury Board Directive on Open Government
Treasury Board Policy on Access to Information
Treasury Board Policy on Communications and Federal Identity and Directive on the Management of Communications
Treasury Board Policy on Government Security
Treasury Board Policy on Internal Audit
Treasury Board Policy on Learning, Training, and Development
Treasury Board Policy on Management of Information Technology
Treasury Board Policy on Privacy Protection

DEFINITIONS

Information Classification Plan: a structured information management tool to facilitate and promote the effective organization, retrieval, sharing, protection and disposal of CSC information resources of business value. It provides a systematic and logical arrangement of CSC information into various subject groups and categories that share common characteristics, to which unique file numbers are allocated. This hierarchically-based system includes a series of broad categories with lower level breakdowns that become increasingly specific. (See the CSC Information Classification Plan.)

Information life cycle: encompasses planning; collection, creation, receipt, and capture; organization; use and dissemination; maintenance, protection and preservation; disposition; and evaluation of information resources of business value.

Information resources of business value (IRBV): published and unpublished materials, regardless of medium or form, that are created or acquired because they enable and document decision making with regard to programs, services and ongoing operations, and support departmental reporting, performance and accountability requirements.

Recordkeeping: a framework of accountability and stewardship in which records are created, captured, and managed as a vital business asset and knowledge resource to support effective decision making and achieve results for Canadians.

Transitory records : records that are not of business value. They may include records that serve solely as convenience copies of records held in a government institution repository, but do not include any records that are required to control, support, or document the delivery of programs, to carry out operations, to make decisions, or to provide evidence to account for government activities.

For more information

To learn about upcoming or ongoing consultations on proposed federal regulations, visit the Canada Gazette and Consulting with Canadians websites.