This reference describes the four levels of security classifications that Alberta Gaming, Liquor and Cannabis (AGLC) applies to data and information. Classifying data and information is the first step in ensuring the confidentiality, integrity, trustworthiness, availability and protection of privacy of AGLC data and information. These standards are in alignment with the Government of Alberta (GoA) and the Government of Canada’s information security classification scheme.
Relation to Previous Classification Standard
Some data and information within AGLC may already have a security classification attached to it as a result of the previous Information Security Classification Standard used by AGLC and GoA. The table below maps the categories from the previous standard to the new standard.
Previous Classification Standard
New Classification Standard
(available to employees & public)
(available to employees and stakeholders on a need to know basis)
(available only to specific functions, groups or roles)
(available to specified positions only)
Below are the four data and information security classification levels used to classify all data and information assets received, created, stored by or retained by AGLC.
Data & Information Security Classification Levels
Example of Risk Impacts
Applies to information assets that will not result in injury to individuals, governments or to private sector institutions; and financial loss will be insignificant.
No minimal impact
No or minimal inconvenience if not available
No or minimal impact if lost or altered
Applies to information assets that, if compromised, could cause injury to an individual, organization or government.
Unfair competitive advantage
Disruption to business if not available or inaccessible
Applies to information assets that, if compromised, could cause serious injury to an individual organization or government.
Loss of reputation or competitive advantage
Loss of confidence in the government program
Loss of personal or individual privacy
Loss of trade secrets or intellectual property
Loss of opportunity (e.g., insurance, health coverage)
Applies to information assets that, if compromised, could cause extremely grave injury to an individual, organization or government.
Loss of life
Loss of public safety
Significant Financial loss
Compromise of legal system
Compromise of Cabinet deliberations
Destruction of partnerships and relationships
The above standards apply to all departments defined under schedule 11 section 14(1) of the Government Organization Act.
Storing & Access of Information
AGLC information assets are stored and controlled in a manner consistent with their classification.
Storing Print/Hard Media
Storing Digital Files
No special storage requirements
Cloud Service Information stored in Canada. Exceptions approved by CIO
No special storage requirements
Regular back-ups to ensure availability and integrity
Can be made open to the public and all employees, contractors, sub-contractors and agents
Can be published, but does not have to if it is of no value/interest to the public
Determination to publish material is made by the business area