Contract Security Program roadmaps for Government of Canada suppliers

These roadmaps and series of reference sheets show our clients how to complete the processes and comply with the requirements of the Contract Security Program. Bookmark or print these pages for easy reference.

On this page

Roadmaps

Supplier’s roadmap

supplier’s roadmap - long description below
Description of the supplier’s roadmap

The title of the image is “Contract Security Program roadmaps for Government of Canada suppliers.” The Public Services and Procurement Canada corporate signature appears at the top of the image.

There is a series of arrows indicating steps in a process.

The first arrow is labelled Get a sponsor (PDF, 675KB).

The first arrow points to the second arrow, which is labelled Register (PDF, 193KB).

The second arrow points to the third arrow, which is labelled Comply (PDF, 176KB).

The third arrow points to 4 labels:

The Secure worksites label leads to the Information technology security label.

A note reads “Processing security clearances takes time. Plan ahead!”

A link reads “Consult the main roadmap.”

A heading is titled “Contact us” and provides the following information:

National Capital Region:
613-948-4176
Toll-free:
1-866-368-4646
Email:
ssi-iss@tpsgc-pwgsc.gc.ca
Website:
Security requirements for contracting with the Government of Canada

Detailed supplier’s roadmap

main roadmap - long description below
Description of the detailed supplier's roadmap

The title of the image is “Contract Security Program roadmaps for Government of Canada suppliers.” The Public Services and Procurement Canada corporate signature appears at the top of the image. A disclaimer that reads “Note: Subject to change based on program updates” appears at the top of the image.

Step 1: Get a sponsor

Learn—Find—Apply.

An organization must be sponsored by a Government of Canada (GC)-approved source to register with Public Services and Procurement Canada (PSPC) contract.

A GC-approved source must submit a Request for Private Sector Organization Screening (PSOS) to PSPC.

In the PSOS the GC-approved source must clearly demonstrate that an organization will need access to sensitive information, assets or worksites as part of a government contract or subcontract with security requirements.

Canadian prime contractors who wish to subcontract to an organization that is not registered with the PSPC Contract Security Program (CSP) can sponsor the subcontractor and must complete and submit a security requirements checklist (SRCL) (TBS/SCT 350-103) along with the PSOS.

Note: Canadian prime contractors who wish to sponsor, must also be in good standing with the CSP and have an active GC contract.

Step 2: Register

Appoint a security offi­cial

To register with PSPC an organization must appoint a company security officer (CSO) and 1 or more alternate company security officers (ACSO).

If sponsorship is approved, the PSPC will contact the organization directly to initiate the registration process.

The PSPC will send a registration package containing a series of forms to the organization for completion.

Company security officer responsibilities

CSOs are accountable to the PSPC on all contract security matters.

Types of organization clearances

Designated organization screening (DOS): Protected A, B, C information/assets. Timeline to acquire: up to 6 months.

Facility security clearance (FSC): Secret, top secret information and assets. Timeline to acquire: 6 months or more.

Step 3: Comply

Screen your personnel

A personnel security screening is required for employees who need to access federal government protected or classified information, assets and work sites as part of a contract.

Security of information and assets

Organizations are responsible to ensure the protection of government sensitive information and assets entrusted to them.

This includes when: transferring or exchanging sensitive government of Canada information or assets in Canada or abroad.

Personnel security clearances

Reliability status and Secret clearances are valid for 10 years.

Top Secret is valid for 5 years.

An employee can only start to work on a contract when granted a security clearance and briefed on related security responsibilities.

Maintain your organization security clearance

The information that the organization supplies to obtain its clearance must be kept up to date and any changes to this information must be reported to the PSPC as soon as it changes.

Other security requirements

Subcontract

Responsibility: A prime contractor is responsible to get approval from PSPC before subcontracting work.

Sponsor: The prime contractor must complete a security requirements checklist (SRCL) and submit it with a request for private sector organization screening (PSOS) form to PSPC to sponsor a subcontractor into the program.

Screen subcontractor: The subcontractor’s organization and personnel must be cleared before work can begin.

Secure worksites

Document safeguarding capability (DSC): If an organization is required to store sensitive GC information and assets, physically and/or electronically at their worksites, they need to obtain document safeguarding capability through PSPC.

To obtain DSC, an organization must first obtain a valid DOS or FSC.

Information technology security

The authority to produce, process and store protected or classified GC information is also subject to PSPC approval.

International industrial security

Canada negotiates bilateral security instruments with various countries.

List of countries with bilateral security instruments

Request for visits: Contact PSPC for approved to visit a secure government and/or organization site in Canada or abroad.

Foreign contracts: Contact PSPC to learn more about international contracts.

Contact us

National Capital Region:
613-948-4176
Toll-free:
1-866-368-4646
Email:
ssi-iss@tpsgc-pwgsc.gc.ca
Website:
Security requirements for contracting with the Government of Canada

Reference sheets

Follow each link to download the reference sheet. The first 3 reference sheets describe the required steps that all new and future Contract Security Program clients must follow. The last 4 reference sheets describe the processes for particular clients to follow.

Step 1: Get a sponsor

Reference sheet: Get a sponsor

Step 2: Register

Reference sheet: Register

Step 3: Comply

Reference sheet: Comply

Subcontract

Reference sheet: Subcontract

Safeguarding worksites and information

Step 1: Secure worksites

Reference sheet: Secure worksites

Step 2: Information technology security

Reference sheet: Information technology security

International industrial security

Reference sheet: International industrial security

Date modified: