In one case, a CSIS employee was suspended for five days without pay following an incident involving information that “must be kept in the strictest of confidence and in full compliance with the need to know principle”, according to a report by the Canadian Press.
The employee was found in violation of the spy agency’s conduct policy, including provisions on security, performance of duties, integrity, and compliance with direction, according to documents cited in the report.
“Notwithstanding the fact that your actions could have resulted in a more serious disciplinary measure, I have decided that a five-day suspension without pay is most appropriate”, wrote the supervisor.
In the other case, a CSIS employee was suspended for one day without pay over an unspecified information security violation. That employee’s supervisor said that he had “taken into consideration the comments that you provided in your email” and that the senior official appreciated “the clarifications you provided.”
The report cited redacted documents from 2010 and 2011 released under Canadian Access to Information Act. Details about the nature of the information security incidents or the employees' names were not disclosed in the documents, and a CSIS spokeswoman declined to provide additional information.