E-7115: Petition to the Government of Canada — Canadian Petition Tracker

Name: Signature data for Canadian e-petition E-7115
Creator: PetitionTracker.ca

Canonical URL: https://petitiontracker.ca/petition/e-7115

Track petition E-7115 — "Petition to the Government of Canada" sponsored by Jeff Kibble. 685 signatures and counting. See signature growth trends and provincial breakdown on PetitionTracker.ca.

Petition Text

Petition to the Government of Canada

Whereas:

• The Government of Canada develops, commissions, procures, and operates custom software systems to deliver federal programs and services and to manage sensitive government and personal information;

• There is no single, mandatory federal policy establishing baseline secure-coding requirements applicable across federal departments and Crown corporations for custom software systems; and

• Inconsistent secure-coding practices increase the risk of security incidents, service disruptions, and avoidable remediation costs affecting federal operations and Canadians.

We, the undersigned, citizens of Canada, call upon the Government of Canada to 1. Consider establishing a mandatory federal secure-coding policy applicable to all custom software developed, commissioned, procured, or operated by the Government of Canada and its federal Crown corporations; 2. Designate an appropriate federal authority to provide oversight of secure-coding practices, including the development of baseline requirements, guidance for departments, and mechanisms for monitoring compliance; and 3. Require that new federal software systems adhere to established secure-coding requirements and that existing systems be reviewed and addressed, as appropriate, to reduce security risks.

1. Consider establishing a mandatory federal secure-coding policy applicable to all custom software developed, commissioned, procured, or operated by the Government of Canada and its federal Crown corporations;

2. Designate an appropriate federal authority to provide oversight of secure-coding practices, including the development of baseline requirements, guidance for departments, and mechanisms for monitoring compliance; and

3. Require that new federal software systems adhere to established secure-coding requirements and that existing systems be reviewed and addressed, as appropriate, to reduce security risks.