​​​​​​​​​​​​​​digital.jpg ​​spcinfosec.png

​​The mission of the SPC Information Security Office is to design, implement, and maintain an information security program to protect SPC's systems, services and data against unauthorized use, disclosure, modification, damage or loss. The Information Security Department is committed to engaging the SPC community to establish an appropriate information security governance structure that enables effective collaboration and ensures alignment with SPC strategic objectives and foundational commitments.​​


Supporting elements:

  • ​A pervasive information security awarene​ss program

  • An effective information security governance structure​

  • Well-managed and maintained computing equipment

  • Well-managed and maintained enterprise applications​​

  • Well-managed and maintained third-party relationships​

  • A robust and scalable security architecture ​

Departmental Functions:​

  • Mitigate security risk through outreach, awareness, assessment, policy, and best practices

  • Participate in the monitoring of systems to detect and address malicious activity

  • Respond to security incidents and perform digital forensic operations

  • Participate in the design of technology architecture changes and in the planning of new systems

  • Perform risk assessments and vulnerability management operations​​