Dead links in security statement and audit links in policy docs

[yaelberger-commits]

Describe the bug

Our links out to the Standard on Security Categorization from the Security Statement are broken so we need to replace them with updated links in EN and FR

Scan all our policy docs for links to assess if we should link out to other pages or not, if it's necessary

Bug Severity

See examples in the documentation

SEV-3

To Reproduce

Steps to reproduce the behavior:

1. Go to the Security Statement in EN or FR https://notification.canada.ca/security
2. Click on the link in the header "Use GC Notify to send Protected A messages" for Protected A and the paragraph "Based on your assessment, deciding on the sufficient level of security. If Protected A or under is not sufficient, do not use GC Notify."
3. See 404 error message that the site has been updated

Expected behavior

When you click the link to Protected A, or the paragraph about Protected A, you should get taken to this page for the Directive on Security Management https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=32614

Impact

Broken links create frustration and impede users from completing their tasks to learn about Notify and onboard.

If applicable

Impact on Notify users: Broken links cause furstration

Impact on Recipients: None

Impact on Notify team: None

Screenshots

Additional context

As per @YedidaZalik suggestion, in this case we will add another line introducing the link: eg. "For more information on Protected A, degree of injury and federal security levels, read the Directive on Security Management" or something like that. Then if the link changes in future, they can at least search for the title.
@mtoutloff agrees, and suggested we only link to it once.

[yaelberger-commits]

Please add your planning poker estimate with Zenhub @mtoutloff

[yaelberger-commits]

Please add your planning poker estimate with Zenhub @YedidaZalik

[mtoutloff]

Gabe flagged in a support ticket that this broken link also appears in the TOU: when clicking low-sensitivity personal information in
https://notification.canada.ca/terms

Will scan the other policy docs to see if the broken link appears anywhere else.

[andrewleith]

We have a test to check for dead links, but it wasn't alerting us due to bug. The card for this is here:
#1737

[andrewleith]

Current broken links:

page	text	broken link	fixed?
https://notification.canada.ca/security	Use GC Notify to send Protected A messages	https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-eng.html#:~:text=information%20and%20assets-,Protected%20A,-Applies%20to%20information
https://notification.canada.ca/security	deciding on the sufficient level of security	https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-eng.html
https://notification.canada.ca/securite	Utilisez Notification GC pour envoyer des messages Protégé A	https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-fra.html
https://notification.canada.ca/securite	de décider, en fonction de cette évaluation, du niveau de sécurité	https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-fra.html
https://notification.canada.ca/fonctionnalites	Découvrez comment mettre en forme les courriels	https://notification.canada.ca/guide-mise-en-forme	Yes

[amazingphilippe]

Fixed the email formatting link from GCA

[andrewleith]

Ok now that the test are passing, here is the latest list of failures:

Page	# of occurences	Link text	Link URL
/accessibility	1	Standard on Web Accessibility	https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=23601
/service-level-agreement	1	TBS Directive on Security Management	https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=32611
/privacy	1	Directive on Privacy Practices	https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=18309#
/security	2	Protected A; level of security	https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-eng.html#:~:text=information%20and%20assets-,Protected%20A,-Applies%20to%20information
/accessibilite	1	Norme sur l’accessibilité des sites Web	https://www.tbs-sct.canada.ca/pol/doc-fra.aspx?id=23601
/accord-niveaux-de-service	1	Directive sur la gestion de la sécurité du SCT	https://www.tbs-sct.canada.ca/pol/doc-fra.aspx?id=32611
/confidentialite	1	Directive sur les pratiques relatives à la protection de la vie privée	https://www.tbs-sct.canada.ca/pol/doc-fra.aspx?id=18309
/securite	2	Protégé A; niveau de sécurité	https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-fra.html

[YedidaZalik]

@yaelberger-commits @mtoutloff could we expand the scope of this card to address all of the above?

[andrewleith]

Potential replacement links for the security page:

• EN: https://www.canada.ca/en/public-services-procurement/services/industrial-security/security-requirements-contracting/safeguarding-equipment-sites-assets-information/levels-security.html
• FR: https://www.canada.ca/fr/services-publics-approvisionnement/services/securite-industrielle/exigences-securite-contrats/protection-equipement-lieux-biens-renseignements/niveaux-securite.html

[yaelberger-commits]

@andrewleith is this card done now? I thought we replaced or removed any that were broken?