How many controls does Canada ITSG-33 have?

Canada ITSG-33 contains 24 controls organized across 2 domains.

Where does Canada ITSG-33 apply?

Canada ITSG-33 is applicable in Canada (CCCS). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does Canada ITSG-33 map to?

Canada ITSG-33 has control-to-control mappings with 641 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with Canada ITSG-33 compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

Canada ITSG-33 — IT Security Risk Management

ITSG-33 (IT Security Risk Management: A Lifecycle Approach) is the Canadian Centre for Cyber Security (CCCS) standard for managing IT security risks in Government of Canada (GC) departments and agencies. It defines a security control catalogue aligned with the Treasury Board Policy on Government Security and Directive on Security Management.

Domains

Security Controls

Risk Management Lifecycle

Frequently Asked Questions

Map Canada ITSG-33 — IT Security Risk Management to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform