Monitoring and Auditing a Workspace

The workspace lead and administrators must monitor account usage periodically and ensure all accounts meet the relevant policies and guidelines. They are also responsible for conducting regular audits within the workspace to ensure all security, ATIP, privacy, accessibility and legal policies are followed. Workspace leads should consult with their Departmental IT Security authorities to ensure compliance with Information system audit management requirements established by the Directive on Security Management (Directive on Security Management- Canada.ca - B.2.3.8)

The workspace lead is responsible for ensuring that a process is in place to ensure quick detection and reaction to information spillage events (for instance, when sensitive information is mistakenly uploaded to an unclassified workspace). Workspace leads should consult with their Departmental IT Security Authorities to ensure such an event is tracked and responded to in accordance with Departmental Incident Response Processes.