For the purposes of this Library, sources are defined as:
Authoritative Source: a privacy or cyber-security organization dedicated to establishing standards and best practices
Disclaimer: Click here for important information to consider when reviewing information on this site.
Summary of contents
How to create a “call first or act first” checklist
How to create a “get out of bed” checklist and notification matrix
Emergency indicators and associated confidence levels
Suggestions vs. decisions: what is appropriate in a given situation?
Response expectations and approved actions that have been coordinated with key stakeholders
Authoritative Source: Information System Audit and Control Association (ISACA)
A printable template to help document and report a suspected or confirmed privacy breach
Authoritative Source: Office of the Information and Privacy Commissioner BC (OIPC)
A resource guide to help respond to a privacy breach in accordance with BC privacy legislation.
Authoritative Source: Office of the Information and Privacy Commissioner BC (OIPC)
Summary of Contents
Authoritative Source: NIST National Institute of Standards and Technology
Summary of contents
Short, straight-forward advice on
Authoritative Source: Center for Internet Security
Summary of contents
Practical recommendations for staff. Examples:
Authoritative Source: US Federal Trade Commission
Summary of contents
Protect against fakes
Authoritative Source: Canadian Centre for Cybersecurity
Summary of contents
Recommendations from a lawyer specializing in cybersecurity on managing COVID-19 cybersecurity risks from a people, process and technology perspective. Includes an extensive list of best practice guidance documents from authoritative sources in Canada, the United States, UK, Europe and Australia.
Informed Source: BLG (Borden Ladner Gervais LLP)
Summary of contents
Authoritative Source: Australian Cyber Security Centre
Summary of contents
A brief summary for executives with suggestions on how to address physical, supply chain, and cybersecurity issues that may arise from the spread of Novel Coronavirus, or COVID-19.
Summary of Contents
Practical advice for securing home networks. This brief, easy to understand guide includes recommendations for:
Authoritative source: National Security Agency
Summary of contents
Authoritative Source: BC Office of the Information and Privacy Protection Commissioner (OIPC)
Summary of contents
Authoritative Source: National Cyber Security Centre
Summary of contents
Authoritative Source: Cyber Readiness Institute
Summary of contents
A shareable PDF with practical guidance for working outside of the office.
Authoritative Source: National Cyber Security Alliance
Summary of contents
Practical advice designed to be shared with teleworking home and remote office users.
Authoritative Source: National Institute of Standards and Technology (NIST)
Summary of contents
Authoritative Source: Canadian Centre for Cybersecurity
A publication by Zoom subtitled “Everything you need to keep your video meetings safe and secure”.
Informed Source: Zoom Communications
Summary of contents
Informed Source: Privacy Canada
Summary of contents
A technical reference for small to medium organizations.
Authoritative Source: National Institute of Standards and Technology (NIST)
Summary of contents
Guidance from a lawyer in Vancouver specializing in cybersecurity. Recommendations are based on controls published by the Canadian Centre for Cybersecurity, with specific suggestions on:
Informed Source: BLG (Borden Ladner Gervais LLP)
Baseline Cyber Security Controls for Small and Medium Organizations
These controls are the ones that are used when evaluating Partner Agencies through the SCsIP Cybersecurity Assessment project.
For a downloadable PDF version of these standards, click here.
Summary of contents
Clear, easy to understand recommendations designed specifically for small and medium sized organizations by the Canadian Government. Systematically reviews an organization’s cyber security profile on the following topics:
Authoritative Source: Canadian Centre for Cyber Security
Summary of contentsAn easy to understand security self-assessment designed for businesses in BC, with simple yes/no questions. Includes questions that are considered by OIPC to be a minimum requirement.
Authoritative Source: BC Office of the Information and Privacy Protection Commissioner (OIPC)
Note: Some references cited below are identified as originating from informed sources, rather than authoritative ones. Discretion should be used when reviewing information from informed sources, including the potential for author bias.
For the purposes of this Library, sources are defined as:
BC.9.2
Informed source
BC.9.4
Authoritative source
BC.9.6
Payment Card Industry Data Security Standard (PCI DSS)
Authoritative source
BC.9.7
Configuring with GSuite systems:
Configuring Microsoft 365
Informed source
BC.10.1
AICPA SSAE 18 SOC 3 report: Trust Service Principles compliance
Authoritative source
BC.11.1
Authoritative source
ASVS levels
Authoritative source
Funding is generously provided through the Ronald S. Roadburg Foundation.