1. Introduction

The Government of Ontario Information Technology Standards (GO-ITS) are the official publications on the IT standards adopted through the Office of the Corporate Chief Information Officer (OCCIO) and IT Executive Leadership Council (ITELC), for use across the government’s information and information technology (I&IT) infrastructure.

These publications support the responsibilities of the Treasury Board Secretariat for coordinating standardization of I&IT in the Government of Ontario. In particular, GO-IT Standards describe where the application of an IT standard is mandatory and specify any qualifications governing the implementation of the IT standards.

2. Summary

2.1 Standard name and description

The Ontario Web Standard defines requirements for Government of Ontario websites in the areas of:

  • accessibility
  • usability
  • design
  • responsibility

The standard also includes where to find existing guidelines to help employees and vendors to meet the requirements. This standard can be used in association with the Ontario Design System (design and coding standards for building Government of Ontario products and establishes styles and components that follow usability and accessibility best practices).

2.2 Background and rationale

This GO-ITS is established to ensure that there is a collective understanding of the guidelines and requirements for government websites and the use of Ontario Public Service (OPS) information for consistency throughout the enterprise.

The expected benefits and results of the GO-ITS are to:

  • ensure a consistent and positive web experience for all Ontarians
  • define quality web standards that ensure accessibility and usability of government information and services
  • protect and enforce the government’s legal, privacy and security interests

2.3 Target audience

The target audience for this standard includes, but is not limited to:

  • developers
  • technical implementors
  • ministry and cluster web coordinators
  • program managers
  • site owners responsible for operating websites
  • people developing web-based solutions for government, including external vendors

2.4 Scope

2.4.1 In scope

This standard applies to both internal and external Government of Ontario websites regardless of hosting location. Mandatory and recommended elements may be different for internet and intranet sites. The scope of this standard is not limited to the current or named technologies. This standard also covers the use of third-party web services.

2.4.2 Out of scope

Back office and administrative interfaces are not in scope (for example, human resources, financial administration or content management contribution interfaces).

2.5 Applicability statements

2.5.1 Organization

All ministries and I&IT clusters are subject to the Government of Ontario IT Standards.

All adjudicative and advisory agencies are subject to the Government of Ontario IT Standards.

All other agencies that are using OPS information and information technology products or services are required to comply with Government of Ontario IT standards if they are subject to either the Governance and Management of Information Technology Directive or Government of Ontario IT Standards by memorandum of understanding.

As new GO-IT Standards are approved, they are deemed mandatory on a go-forward basis — meaning at the next available project development or procurement opportunity.

When implementing or adopting any Government of Ontario IT standards or IT standards updates, ministries, I&IT clusters and applicable agencies must follow their organization’s pre-approved policies and practices for ensuring that adequate change control, change management and risk mitigation mechanisms are in place and employed. For the purposes of this standard, any reference to ministries or the government includes applicable agencies.

2.5.2 Other applicability

This standard applies to work provided by vendors. Third-party service providers who are hired to develop websites are required to adhere to this standard and sign a procurement agreement. Multi-jurisdictional sites must meet all aspects of this standard, with the look and feel to be determined by agreement of the partners.

2.5.3 Requirement levels

Within this standard, certain wording conventions are followed. There are precise requirements and obligations associated with the following terms:

Must — This word, or the terms required or shall, means that the statement is an absolute requirement.

Should — This word, or the adjective recommended, means that there may exist valid reasons in particular circumstances to ignore the recommendation, but the full implications (for example, business functionality, security, cost) must be understood and carefully weighed before choosing a different course.

3. Technical specifications

The following requirements apply to all I&IT assets and operations within the scope of the governance and management of the Information Technology Directive.

3.1 Accessibility

All websites, web and mobile applications must comply with all provincial accessibility legislation, including:

Any internal standards specific to your organization also apply, for example, Ontario Ministries must follow GO-ITS 201PRS OPS Digital Accessibility Standard.

All intranet websites must follow accessibility guidelines.

3.2 Analytics and reporting

All websites must collect statistics about site performance and traffic.

Analytics tools must be used to track only aggregate behaviour, not individual user behaviour.

Information gathered using analytics software must not be used to identify individuals unless authorized by law.

Data must only be used to understand and improve the site’s performance and content. It must not be shared with or used with other third-party services or websites for other purposes.

Ontario.ca websites are encouraged to work with Cabinet Office Communications to use the government’s centralized analytics setup, ensuring consistent and privacy-compliant data collection across all sites.

3.3 Artificial intelligence (AI)

All ministries and provincial agencies must follow Ontario’s Responsible Use of Artificial Intelligence Directive. The directive sets out guidelines on the transparent, responsible and accountable use of AI for ministries and provincial agencies.

3.4 Content

All website content must follow the Ontario.ca style guide.

All website content must be reviewed following a maintenance schedule to make sure it is accurate and its ownership is current.

Use short and descriptive language for both headings and leads. Headings are section titles that describe content that directly follows. Leads are introductory sentences that explain what a page is about.

Write content in the active voice and at a reading level that suits your audience. Write a plain-language summary for pages or documents that use technical language.

Define technical language, abbreviations and acronyms in context. Provide a glossary and pronunciation guide if appropriate.

Include ISBNs for each online format for certain publications (for example, reports, budgets or plans).

3.5 Copyright

All content created by government employees in the context of their work is subject to Crown copyright.

All non-HTML documents published to the public web must have a copyright statement in the footer.

All public websites should link to the Ontario Government’s central copyright statement.

3.6 Design elements

The Ontario Design System must be used in the development of all public-facing digital services delivered by:

  • Ontario ministries
  • Ontario provincial agencies whose services are integrated with ontario.ca

The use of the design system is a requirement in all procurements of goods and services for digital service delivery. This includes purchases of commercial off-the-shelf software or software-as-a-service products.

The design system is not required for internal-facing websites and provincial agencies whose services are not integrated with ontario.ca.

3.7 Document formats

Where information is available only in portable document format (PDF) due to a legal or security requirement, it must be as accessible as technically possible.

For PDF content on ontario.ca, refer to the guidance on posting PDFs from Cabinet Office Communications.

Links to other formats must identify the file format used and include file size, for example, Brochure [PDF — 2 MB]

Websites must not use proprietary formats requiring users to purchase plug-ins or software.

Microsoft Office documents, for example Microsoft Word, must not be posted to public-facing websites unless authorized by legislation. Microsoft Office documents published on intranet sites should not contain previous versions or edits, for example track changes.

When providing documents in alternate formats, the file:

  • size should be as small as possible
  • must be saved to be compatible across platforms without degrading the document or compromising the security requirements

Secure documents must be accessible for assistive technologies.

3.8 Domains and keywords

Do not register any new external domain names. Use only subdomains within gov.on.ca or ontario.ca.

The creation of new public-facing websites must be approved by Cabinet Office Communications.

All vanity URLs (also known as keywords) that use the pattern ontario.ca/<keyword> must be approved by Cabinet Office Communications.

All public-facing domains must belong to the OPS Domain Registrar. Government domains owned by other entities must transfer ownership to the OPS Domain Registrar. Domain requests must be approved by the OPS Domain Registrar.

All domain names must comply with the Domain Name Guidelines established by the OPS Domain Registrar with the advice of the Domain Advisory Group.

Decommissioned domains must be reported to the OPS Domain Registrar and recorded in the OPS Website Database. Websites must use a fully qualified domain name and not be referenced by IP number or server name.

3.9 French

All public-facing websites must comply with the requirements set out in the French Language Services Act, 1990 (FLSA), including the principles of Active Offer and the prescribed measures outlined in O. Reg. 544/22. Intranet websites are not required to be bilingual.

Language toggle links (for example, buttons for selecting between English or Français) should take users directly to the same content in the selected language. In addition, link text to alternate English or French content must direct the reader towards the appropriate language version.

To comply with the FLSA and support equitable access to information, all documents must be made available equally in English and French and posted simultaneously. A disclaimer must be posted when content is available in English only.

3.9.1 Other languages

Languages other than English or French should be posted as accessible PDFs, not coded as HTML.

3.10 Governance and reporting requirements

The Web Coordinators Committee (WCC) is the central governing body for websites. Membership in the Web Coordinators Committee is made up of appointed members from each Government of Ontario ministry, cluster and from enterprise sites and other stakeholders. Co-chairs must be appointed by Cabinet Office Communications and Web Stewardship. Enterprise Coordinators must be appointed by the Office of the Corporate Chief Information Officer (OCCIO) or Deputy Minister of the Ministry of Public and Business Service Delivery and Procurement (MPBSDP).

Each ministry and cluster must appoint a Web Coordinator to sit on the WCC. Ministries and clusters must supply WCC co-chairs with contact information for their Web Coordinators and backups.

Enterprise Web Coordinators and the co-chairs of the WCC must be informed of new web initiatives through ministry and cluster Web Coordinators.

Government-wide changes to websites must be communicated through the WCC.

Ministries and clusters must maintain an accurate and current listing of their websites in the OPS websites database.

The Ontario.ca Master Framework Agreement outlines the terms, conditions, roles and responsibilities governing the government’s flagship website, through the partnership between Cabinet Office Communications (CO Comms) as the product owner for the website, MPBSDP as the service delivery agent for technology and ministries as program and delivery owners.

As a general practice, ministries must consult with CO Comms for:

  • all ontario.ca requests
  • requests for new platforms, products or applications
  • integration requirements for new and existing enterprise platforms, products or applications to ensure a seamless experience to and through ontario.ca

3.11 Links, new tabs and new windows

All links should follow:

Links should be descriptive so users know where the link will take them.

All link targets must be reviewed in following a maintenance schedule to verify it still leads to the appropriate content.

Redirects must be created for important pages when a website undergoes a major transformation where links will change, for example, relaunch or content reorganization and links will change.

Where other formats are used, file size and format must be indicated within the link, for example: Document Title [PDF - 2MB]

Links to alternate versions of a page (language or format) must lead to an equivalent page to ensure consistent navigation.

3.11.1 Intranet websites

Intranet websites must follow the applicable design elements and content design guidance maintained by the ministry’s communications branch.

3.12 Marketing

When used in marketing campaigns, websites must follow directives and legislation relating to government advertising.

All paid campaigns for the Government of Ontario must be approved by the Premier’s Office and Cabinet Office Communications.

All public communications must use an ontario.ca custom web link (also known as an ontario.ca keyword), unless exempted by Cabinet Office Communications. External or gov.on.ca domain names must not be used for advertising.

All paid marketing must direct users to an ontario.ca page, unless exempted by Cabinet Office Communications.

3.13 Metadata

Metadata must be applied to all formats of web resources and comply with GO-ITS 400DTS Information Resource Description Metadata Standard.

In the HTML header section for metadata tags <head> </head>, a descriptive and concise <title> tag must be included on every page and must be unique to that page. The <title> tag should be formatted as:

  • document title | website name
  • the “website name” must include Ontario before the Ministry Name (if a ministry name is included) so users can know the jurisdiction.
  • for search engine optimization, the maximum character string for the Title Tag is 65.

3.14 Multimedia

On public-facing websites, it is recommended to use photographs and videos taken in Ontario and of individuals that are residents of Ontario. Use the Government of Ontario’s digital asset library ImageON , for royalty-free and government-owned photo and video content of Ontarians by Ontarians. Third-party stock resources and photographs and videos with a generic setting should only be used when there is no alternative.

All public-facing images, video, audio and applications must be accessible (refer to 3.1 Accessibility) and meet language requirements, including but not limited to:

Where an audio or video presentation is incidental to the user-experience of the website, the option of navigating through or skipping the presentation must be provided.

Follow the Ontario Design System for general guidance on images and photography, including brand, style, formats, licensing, permissions and more.

Follow the Ontario.ca web content editing guide for guidance on images, maps and videos that are hosted on ontario.ca and its subsites, as applicable.

The Government of Ontario’s central YouTube channels host all videos for public-facing websites and private third-party sharing.

All public-facing video content must be approved by Cabinet Office Communications and Premier’s Office prior to production and distribution.

For guidance on notice of collection, photo or video consent , video approvals and production requirements, refer to the Creative Services resources from Cabinet Office Communications.

3.15 Navigation

Follow the guidance in the Ontario Design System for navigation (such as, headers, footers, table of contents, back to top, links, back button and more).

Conduct user research to ensure the information architecture is well-organized and that users can navigate using breadcrumbs and navigation pages.

Users must be able to browse content. For anything that is more than 30 pages or records, they must be able to search as well.

If needed, include a Related section on the page and provide links to other relevant pages to point users to more information.

Websites should provide plain language 404 pages (file not found) with resources to assist the user and provide suggestions for the correction of common errors. 

When moving popular documents, websites should use a proxy redirect or a 301 page (moved permanently) explaining how to access the information before redirecting.

3.16 Privacy

Public-facing websites that collect, use or disclose personal information must complete a Privacy Impact Assessment (PIA). All relevant legislation and OPS I&IT standards and policies on privacy apply.

A Notice of Collection must be clearly and conspicuously displayed at or before the point where personal information is collected. The notice must state:

  • the legal authority for the collection of the personal information
  • the purpose for which the information is being collected
  • contact information of the individual whom the public can contact if there are questions regarding the notice

A link to the Ontario Government’s central privacy statement must be provided.

Ontario’s Privacy Statement includes all the laws and guidance that must be followed when collecting information through a website or online service.

Websites must collect only the personal information necessary to deliver the service. Any non-essential information must be clearly identified as optional. Personal information beyond what is necessary for service delivery must not be collected unless authorized by statute or consent is explicitly obtained.

Personally identifiable information stored in application or server access logs (for example, IP addresses) must not be used to identify individuals unless the program or service is authorized to do so by legislation. Personal data used for analytics should be anonymized or grouped so individuals can’t be identified or that the information cannot be easily deanonymized.

Personal information must not be retained longer than required to deliver the service or comply with legislation and must be securely disposed of in accordance with OPS policies. Follow the records retention schedules under the Archives and Recordkeeping Act, 2006 as appropriate.

Refer to guidance and Acts on manner of collection:

Refer to guidance on records retention and disposal:

  • Archives of Ontario “Recordkeeping” guidance

3.17 Security

Public-facing websites must engage with the Cyber Security Division, MPBSDP to determine if a Threat Risk Assessment (TRA) or penetration test is required. All relevant OPS I&IT standards and policies on security apply.

A TRA should be revisited if there are any significant changes in the system architecture or data flows.

All websites must be served over HTTPS with a valid certificate obtained from the Ontario Public Service-approved enterprise service provider.

All public-facing websites must use a web application firewall (WAF) from the Ontario Public Service-approved enterprise service provider

Websites must comply with:

State management mechanisms must be designed to prevent unauthorized access to personal information. Any security incidents must be reported to the Cyber Security Division as specified in GO-ITS 25.20 Disposal, Loss and Incident Reporting of Computerized Devices and Digital Storage Media.

Refer to guidance on privacy breach management guidelines, forms and reporting requirements.

3.18 Site search

Where search is required, the ontario.ca Search Service must be used for all Government of Ontario websites containing non-classified and low-sensitivity information.

All websites must be able to be indexed by the ontario.ca Search Service and meet the minimum integration requirements established by the ontario.ca search team:

  • with a valid certificate obtained from the Ontario Public Service-approved enterprise service provider referred to in Section 3.17 Security
  • ensure that dynamically generated content (for example, JavaScript pages) is available as static, crawlable files (such as flat files) to support search indexing
  • conform to the metadata and title requirements defined in Section 3.13 Metadata

To improve search accuracy, websites should provide a valid sitemap.xml file and robots.txt file, where applicable.

3.18.1 Search results

A search box showing the current search query must appear at the top of the search results page.

The search results page must:

  • provide refinement options or query assistance (for example, filters, sort options or auto-completion and search suggestions).
  • show the total number of results and the number of results displayed per page.
  • present results with accurate page titles and concise descriptions based on meta descriptions. These descriptions help users understand the page content and trust the search results.
  • avoid duplicate results for the same URL, for example, including both the original and redirect documents in the search results.

3.19 Social media

The creation of new ministry social media channels must be approved by Cabinet Office Communications.

Content and information on a government website must not be amended for a third-party platform or service (such as social media).

Follow the Ontario Public Service social media guidelines for guidance on personal and professional social media use for all public servants, including minister’s office staff.

For information on engaging with users on social media platforms, reporting a threat, social media commenting, common service standards, decommissioning an account and more, refer to the social media resources from Cabinet Office Communications.

3.20 User interaction

User interactions include any online experience where the user actively submits information to a website and the website provides a response. There are many types of online transactions that involve user interaction, including:

  • sending feedback
  • posting a comment
  • multi-screen transactions
  • forms
  • e-commerce and payments
  • user profiles
  • zooming in on a map
  • validation and error handling

Follow the Ontario Design System guidance on the use of forms, including field labels, buttons, drop-downs and input formatting.

3.20.1 Feedback

All public-facing sites must provide a feedback mechanism. Alternate channels of communication (for example, telephone, TTY, fax, email address, postal address) must be identified where available.

Where users submit personal information, a Notice of Collection must be included. The Notice of Collection must be visible where information is collected.

Anti-spam measures must be used when email addresses are published on websites.

Public-facing websites must also comply with all related policies, including the Accessible Customer Service Policy and the Ontario Government Common Service Standards as they relate to feedback forms.

3.20.2 Log-in screens

Log-in screens must:

  • identify to the user what they are logging in to. A description of the service must be provided either on the same page or by linking to another page.
  • provide instructions for user registration either on the same page or by linking to another page.
  • provide help for users who have forgotten their account credentials. There must be a way to recover lost credentials.

3.20.3 Subscription services

The sign-up page must have a Notice of Collection and description of the subscription service written in plain language. Ministries must not collect, use or share subscriber information for any reason beyond the stated purpose.

Subscriber information must be stored in a secure location that is not publicly accessible. Access to subscription information must be restricted to authorized personnel only and protected using safeguards for the indicated degree of sensitivity as described in the Corporate Policy on Information Sensitivity Classification.

Subscription services should only collect information that is required under legislation and required to operate the service. Non-essential information must be identified as optional.

Mechanisms to discover the actions or preferences of specific subscribers (for example, embedded links with unique identifiers) must not be used, unless it is required under legislation and required to operate the service.

Each email must:

  • provide a way to unsubscribe (automatic or manual)
  • link to a feedback form

3.20.4 Validation and error handling

Follow the Ontario Design System guidance on form validation and error handling, including:

  • instructions on the use of error messaging
  • live validation
  • pre-submission validation
  • post-submission validation

4. Related standards and impacted infrastructure

4.1 Impacts to existing standards

The following are standards that reference or are referenced by this standard and their impacts.

GO-ITS standardImpactRecommended action
GO-ITS 23: Government of Ontario Web Standard#23 has been updated and renumbered to GO-ITS 100PRD.Rescind GO-ITS 23
GO-ITS 25.12 Security Requirements for the Use of Cryptography#25.12 is referred to by this standard.None
GO-ITS 25.13 Security Requirements for Internet Accessible Web Applications#25.13 is referred to by this standard.None
GO-ITS 25.20 Disposal, Loss and Incident Reporting of Computerized Devices and Digital Storage Media#25.20 is referred to by this standard.None
GO-ITS 201PRS OPS Digital Accessibility Standard#201PRS is referred to by this standard.None
GO-ITS 400DTS Information Resource Description Metadata Standard#400DTS is referred to by this standard.None

4.2 Impacts to existing infrastructure

The following are applications, systems, solutions and technology platforms that could be affected by this standard and their impact.

Impacted infrastructureImpactRecommended action
NoneNoneN/A

5. Compliance requirements

To manage the effectiveness and implementation of this standard, ministries, I&IT clusters and applicable agencies are expected to adopt and monitor compliance.

6. Roles and responsibilities

Accountable Role (Standard Owner) Definition

The individual or committee ultimately accountable for the effectiveness of a standard and for its full life cycle, including development, reviews, revisions, updates, evaluations and rescindment. Where a committee owns the standard, the committee Chair is accountable for the standard. There must be exactly one accountable role identified.

Accountable Role: 
Title: Head, Enterprise Applications  
Ministry of Public and Business Service Delivery and Procurement
Division: Central Agencies I&IT Cluster (CAC)

Responsible Role Definition

The organization or organizations responsible for the development of this standard. There may be more than one responsible organization identified if it is a partnership or joint effort. (Note: the responsible organization(s) provides the resource(s) to develop the standard).

Responsible Organization(s):  
Ministry of Public and Business Service Delivery and Procurement
Division: CAC  
Branch: Enterprise Applications
Section: Enterprise Web Development; Web Stewardship

Support Role Definition

The support role is the resource(s) to whom the responsibility for maintaining this standard has been assigned. Inquiries, feedback and suggestions should be sent to this resource.

Support Role (Editor):  
Ministry Public and Business Service Delivery and Procurement
Division: CAC  
Branch: Enterprise Applications
Job Title: I&IT Policy & Strategy Advisor
Name: Marcella Young
Phone: 437-774-8391  
Email: marcella.young@ontario.ca

Support Role:  
Ministry: Public and Business Service Delivery and Procurement
Division: Strategy, Artificial Intelligence and Data
Branch: Digital and Data Policy Branch
Job Title: Senior Policy Advisor
Name: Lester de Luna
Phone: 416-930-3098  
Email: lester.deluna@ontario.ca 

Support Role:  
Ministry: Cabinet Office
Division: Marketing and Digital
Branch: Digital and Data
Job Title: Assistant Director, Priorities & Partnerships
Name: Lauren Sugar
Phone: 437-229-6439  
Email: lauren.sugar2@ontario.ca

7. Consultations

Areas consulted as part of the development of this standard. This includes individuals and committees, councils and working groups:

Organization Consulted (Ministry/I&IT Cluster)DivisionBranchDate
Cabinet OfficeMarketing and DigitalProduct Strategy and Standards2025
Cabinet OfficeMarketing and DigitalContent2025
Ministry of Public and Business Service Delivery and ProcurementCyber Security DivisionCyber Security Strategy, Risk Management & Architecture Branch2025
Ministry of Public and Business Service Delivery and ProcurementEnterprise ApplicationsEnterprise Web Stewardship2025
Ministry of Public and Business Service Delivery and ProcurementEnterprise Data Stewardship DivisionGovernance and Standards Branch2025
Ministry of Public and Business Service Delivery and ProcurementArtificial Intelligence DivisionDigital and Data Policy Branch2025
Ministry of Public and Business Service Delivery and ProcurementArchives and Privacy DivisionPrivacy, Access, and Cyber Security Policy Branch2025
Treasury Board SecretariatCorporate ServicesFrench Language Services2025
Committee/Working Group ConsultedDate
Ontario Digital Accessibility NetworkOctober 23, 2025
Web Coordinators CommitteeNovember 27, 2025

8. Document history

DateSummary
October 6, 2025Created: GO-ITS 100PRD draft v0.1 (formerly known as GO-ITS 23 v2.7-2010)
November 7, 2025First draft of GO-ITS 100PRD complete
November 20, 2025Draft Version 2 of GO-ITS 100PRD complete and shared to WCC
December 9, 2025Draft Version 3 of GO-ITS100PRD complete and shared to ARB
January 14, 2026Corporate Architecture Review Board (ARB) endorsement
February 13, 2026I&IT Executive Leadership Council (ITELC) approval — version number set to 3.0 (GO-ITS 100PRD v3.0)

9. Glossary

Content
Web content refers to the information on a web page or web application including text, images, forms, sounds and more.
Copyright
Copyright applies to a wide range of original works such as literary, dramatic, musical or artistic works, performances and sound recordings. It provides a time-limited, exclusive right to produce, reproduce, perform or publish the work or any substantial part of it. An original work is automatically protected by copyright the moment you create it, however, registering your copyright provides greater certainty to enforce your copyright in Canada. The general term of copyright protection in Canada is life of the author plus 50 years.
Domains
A domain name is a unique address to identify a page on the internet based on the Domain Name System (DNS).
Internet
The internet is a world-wide collection of computer networks that are linked using a set of common communications protocols (for example, TCP/IP, HTTP or SMTP). It is used as a communication medium for all types of data and applications.
Intranet website
An organization’s internal website that is used to privately and securely share any part of the organization’s information or operational systems within the organization.
ISBN/ISSN
International Standard Book Number (a unique numeric commercial book identifier) and International Standard Serial Number (a unique 8-digit number used to identify a print or electronic periodical publication).
Metadata
Data that describes data and that enables collaboration and interoperability. Metadata also describes how, when and by whom a particular set of data was collected, and how the data is formatted.
Personal information
Recorded information about an identifiable individual. Personal information does not include information about an individual that has been deceased for more than 30 years. Information will likely qualify as personal information if an individual can reasonably be identified from either the information alone or from the information in combination with other information.
Portable Document Format (PDF)
A standard document format (generally Adobe Acrobat portable document format) capable of being viewed with a web browser plug-in or application. The portable document format enables the document author to specify the layout, presentation of the document(s) in this format are more difficult to change than regular HTML documents.
Privacy Impact Assessment
A privacy impact assessment (PIA) is a written assessment that contains the following information respecting any personal information that the institution intends to collect:
  1. The purpose for which the personal information is intended to be collected, used and disclosed, as applicable and an explanation of why the personal information is necessary to achieve the purpose.
  2. The legal authority for the intended collection, use and disclosure of the personal information.
  3. The types of personal information that is intended to be collected and, for each type of personal information collected, an indication of how the type of personal information is intended to be used or disclosed.
  4. The sources of the personal information that is intended be collected.
  5. The position titles of the officers, employees, consultants or agents of the institution who will have access to the personal information.
  6. Any limitations or restrictions imposed on the collection, use or disclosure of the personal information.
  7. The period of time that the personal information would be retained by the institution, in accordance with FIPPA subsection 40 (1).
  8. An explanation of the administrative, technical and physical safeguards and practices that would be used to protect the personal information in accordance with FIPPA subsection 40 (5) and a summary of any risks to individuals in the event of a theft, loss or unauthorized use or disclosure of the personal information.
  9. The steps to be taken by the institution:
    1. to prevent or reduce the likelihood of a theft, loss or unauthorized use or disclosure of personal information from occurring
    2. to mitigate the risks to individuals in the event of such an occurrence
Publications
Publications that are intended to be regularly updated or continued indefinitely (such as journals, magazines, newspapers, updating loose-leafs, updating websites) shall not receive an ISBN. Publications that are issued only once, without anticipated modifications must have ISBNs assigned (for example, reports, budgets or plans).
Search
A tool that allows users to find content quickly on websites without browsing or using navigation. Advanced Search allows for a refined search based on more than 1 parameter.
Social media
A category of websites that are based on user participation and user-generated content. This includes:
  • social networking sites
  • social bookmarking sites
  • social news sites
  • blogs
  • forums
  • wikis
TeleTYpewriter (TTY)
A text display device that lets people who are deaf, hard of hearing, or speech impaired use the telephone to communicate, by allowing them to type messages back and forth. A TTY is required at both ends to communicate.
Threat Risk Assessment (TRA)
A Threat Risk Assessment TRA is a formalized process used to determine the risks to Information and Information Technology (I&IT) assets and to provide recommendations about ways in which program owners can lower these risks to acceptable levels. It allows program areas to manage risks to their services.
User interaction
Any online experience where the user actively submits information to a website (for example, filling out a form, making purchases, searching or posting a comment) and the site provides a response. This is in contrast to passive browsing, where a user only reads the page.
Web Coordinators Committee (WCC)
Membership in the WCC is made up of appointed members from each Government of Ontario ministry, cluster, and from enterprise sites and other stakeholders. Created in June 2007, this is the first formal group for web governance. Previously, the GO-Web Committee had served for communications and connections. The Committee meets monthly.
Web browser
A browser is software that retrieves and presents web content for users via computers, mobile phones and gaming consoles. Not all browsers are created equal. Since different browsers have different capabilities, not all web content can be accessed via all web browsers.
Web page
A document on the World Wide Web. Every web page is identified by a unique URI (uniform resource indicator) or address location. A web page may contain embedded resources (for example images, audio, video, applets or other HTML files) and may be generated by a database. These resources may reside at different network locations.
Website (or Web site)
A collection of web pages accessed through a web browser. This includes anything displayed in a browser.

10. Appendices

10.1 Normative references

A normative reference specifies a supporting document or GO-IT Standard (in the case of the Government of Ontario’s I&IT infrastructure, often another OPS I&IT authorized publication) that must be read to fully understand or implement the subject matter of the main GO-IT Standard. Such authoritative or de facto references may be external and may, or may not be, owned or controlled by the GO-IT Standard owner.

  • Governance and Management of Information Technology Directive
  • GO-IT Standards

10.2 Informative references

An informative reference provides only additional background information.

10.2.1 Standards

10.2.2 Legislation

10.2.3 Regulations

10.2.4 Directives

10.2.5 Policies

10.2.6 Guidelines