| ABAC | Attribute Based Access Control |
| C&A | Certification and Accreditation |
| CIO | Chief Information Officer |
| CPSCC | Canadian Public Sector Community Cloud |
| CSA | Cloud Security Alliance |
| CSEC | Communications Security Establishment Canada |
| CSP | Cloud Service Provider |
| DSO | Departmental Security Officer |
| DSP | Departmental Security Plan |
| FedRAMP | Federal Risk and Authorization Management |
| GC | Government of Canada |
| IaaS | Infrastructure as a Service |
| IEC | International Electrotechnical Commission |
| ISO | International Organization for Standardization |
| ISSIP | Information System Security Implementation Process |
| IT | Information Technology |
| ITPIN | IT Policy Implementation Notice |
| ITSC | Information Technology Security Coordinator |
| ITSG | Information Technology Security Guidance |
| LoA | Level of Assurance |
| MitM | Man-in-the-Middle |
| MITS | Management of Information Technology Security |
| NIST | National Institute of Standards and Technology |
| OWASP | Open Web Application Security Project |
| PBMM | Protected B, Medium Integrity, Medium Availability |
| PGS | Policy on Government Security |
| PIA | Privacy Impact Assessment |
| PKI | Public Key Infrastructure |
| PaaS | Platform as a Service |
| PCI-DSS | Payment Card Industry Data Security Standard |
| PSPC | Public Services and Procurement Canada |
| RBAC | Role Based Access Control |
| SaaS | Software as a Service |
| SAML | Security Assertion Markup Language |
| SDLC | System Development Life Cycle |
| SSL | Secure Socket Layer |
| SSO | Single-Sign-on |
| STAR | Security, Trust and Assurance Registry |
| SLA | Service Level Agreement |
| SOC | Service Organization Controls |
| SSC | Shared Services Canada |
| TBS | Treasury Board of Canada Secretariat |
| TLS | Transport Layer Security |
| TRA | Threat and Risk Assessment |
| XSS | Cross Site Scripting |
General
Content
Integrations