Course 115: Foundations of cloud security in the Government of Canada


Cloud computing represents a fundamental shift in the delivery of Information Technology (IT) services. Adopting and securing cloud computing enables the Government of Canada (GC) to maintain IT service excellence but it requires a dedicated and comprehensive effort. This course focuses on the foundations of cloud security in a GC context. It describes cloud computing, the factors to consider before adopting cloud computing, the roles of various GC departments, the GC’s Cloud Adoption Strategy, and the fundamental cloud security concepts.


The objectives of this course are to ensure that upon successful completion, the participant will be able to:

  • define detailed considerations when contemplating cloud computing
  • describe the impact of cloud computing on service management
  • discuss details on the cloud deployment process within the GC
  • outline cloud computing security limitations

Target audience

GC employees working within a cyber security role, such as business or operational analysts, project managers, developers, administrators, or within a leadership role, who wish to become more familiar with the foundations of cloud security.


It is strongly recommended that participants complete the Canada School of Public Service (CSPS) Discover GC Cloud online course prior to taking this course. This course can be found on the CSPS learning platform.

Course outline and module objectives

  • Module 1 – Cloud computing overview
    • Define what is cloud computing
    • Outline data residency and data Sovereignty considerations
  • Module 2 – Cloud impact on service management
    • Outline the rationale for adopting cloud services within GC
    • Describe the current cloud state and cloud roles in the GC
    • Outline the steps involved in implementing the right cloud service
    • Define the Shared Responsibility Model
  • Module 3 – Cloud deployment in the GC
    • Recall the GC guardrails objectives
    • Discuss the GC Cloud Adoption Strategy and vision
    • Describe the key actors for a successful deployment
    • Describe the risk management process overview and lifecycle
  • Module 4 – Cloud security concepts
    • Implement the right steps to secure organizational workloads
    • Describe the three pillars of IT Security
    • Differentiate between technical and procedural safeguards
    • Outline the shared responsibilities within defence in depth strategy
Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: