Guillaume Charest
Guillaume Charest
Yes, security should be a constant and your security experts should be part of the team throughout the journey, not a checkbox at some point in your process!
Delegation of authority will need to be clarified. Taking note to see how this can be addressed in the policy instrument. Thanks!
Thanks for the feedback! We'll try to make clearer the intent here. We do want to open up the whole spectrum of tools available for us and we have to...
And I see I don't complete my sentences :thinking: Meant to say we will have to comply to laws, regulations but will influence departments towards leveraging free and open source...
Related to #53 I'm trying to find the right balance on Security between OSS and just software dev in general. Might need to tie in with @ptd-tbs work in Cyber?
We probably need to scale and automate parts of this as well. X-Ray and other such tools offer levels of governance that might be useful to all departments simultaneously.
I think the procurement considerations are now somewhat covered in the standard, no? @ShadeWyrm @nschonni Would the PR content better fit into a play book?
In the latest version of the requirements, we're removing the security aspect as there are already existing policy instruments and will try to address/guide through the playbook instead. Policy instrument...
[Playbook](https://github.com/canada-ca/digital-playbook-guide-numerique)
And we're actually going back with sections on Security as some of them are not necessarily covering specific topics found in the current discussion.