IM Assessments for IT Systems - Office of the Chief Information Officer

IM Advisory Services is involved in assessments for information technology systems while in development and at the end of a system’s lifecycle.

Application Decommissioning

Application Decommissioning is the process of retiring and removing inactive IT applications from the GNL infrastructure while following the appropriate procedures to ensure that the retention and/or disposal of “official records” of the Government of NL is approved by the departmental business owner and authorized by the Government Records Committee (GRC) through a Records Retention and Disposal Schedule (RRDS) or One Time Disposal (OTD), as established under the Management of Information Act (MOIA).

IM Advisory Services, in collaboration with Departmental owners and Application Services, identify those inactive IT applications that can be retired and removed from the GNL infrastructure.

Information Management (IM) Assessment

OCIO IM Advisory Services is responsible for delivering IM Assessments for projects managed through the System Development Lifecycle (SDLC). All projects are required to engage IM at the ‘Planning Analysis’ stage for completion of the IM Assessment.

The IM Assessment identifies information and records management requirements of Government IT Systems – it helps to determine whether the information that will be maintained by the application in development is a Government Record. The IM Assessment also provides client and system recommendations to ensure the information housed in the solution is managed throughout the records lifecycle.

Client recommendations outline which tools, roles and responsibilities that the client should apply to ensure records are managed as per the Management of Information Act (MOIA). System recommendations outline what needs to be integrated into the IT System to ensure the integrity and authenticity of the records.

For more information, please contact IM@gov.nl.ca

Information Protection Assessment

OCIO Information Protection (IP) is responsible for delivering Preliminary Threat Risk Assessments (Pre-TRA) for projects managed through the System Development Lifecycle (SDLC). All projects are required to engage IP at the ‘Planning Analysis’ stage for completion of the Pre-TRA.

The Pre-TRA is comprised of two deliverables in the form of a ‘Risk Assessment Workbook’ – an Information Security Classification that ranks the sensitivity and criticality of government information and guides the process to place appropriate levels of security and protection around information assets; and a Pre-TRA Checklist that determines the need for a TRA, VA or other information risk assessment.

For more information, please contact OCIOInfoProtection@gov.nl.ca

To engage IM and IP to complete their respective assessments, please complete the: Request for Service – IM/IP/ATIPP Engagement Form