Guidance on the Security Categorization of Cloud-Based Services (ITSP.50.103)

This document is part of a suite of documents that the Cyber Centre has developed to help secure cloud-based services. Security categorization, the selection of a security control profile, and the selection of a cloud deployment model and a cloud service model are the first three steps of the Cloud Security Risk Management approach. This approach is defined in ITSM.50.062 Cloud Security Risk Management.

Data and Resources

Additional Info

Field	Value
Last Updated	April 17, 2026, 18:46 (UTC)
Created	April 17, 2026, 18:46 (UTC)
contact_email	opengov-gouvouvert@cse-cst.gc.ca
criticality_level	["government", "nongovernmental_organizations"]
geographic_scope	[]
open_canada_collection	publication
open_canada_date_published	2020-06-03 00:00:00
open_canada_keywords	{"fr": ["sécurité infonuagique", "gestion des risques"], "en": ["cloud security", "risk management"]}
open_canada_subject	["information_and_communications", "science_and_technology"]
sensitivity_level	unrestricted
title_fr	Guide sur la catégorisation de la sécurité des services fondés sur l’infonuagique (ITSP.50.103)
update_frequency	not_planned