International contract security requirements

Find out how Public Services and Procurement Canada's Contract Security Program (CSP) can help your organization get the security clearance it needs to compete in the global marketplace. Learn how to fulfill security requirements when your organization is contracting or subcontracting with a foreign government or organization or if your organization is foreign and looking to bid on a Government of Canada contract.

On this page

Security requirements for international contracts

Security requirements are clauses written into government solicitation documents and contracts with private sector organizations. They specify what levels of security are required to safeguard sensitive information, assets and work sites.

Security requirements for international programs and projects may be listed in the:

Bidding on Government of Canada solicitation requests with security requirements

Foreign organizations wanting to bid on Government of Canada solicitation requests with security requirements must contact their home country's national security authority (NSA) or designated security authority (DSA). These authorities are the government organizations responsible for contract security also known as “industrial security”.

Bidding on classified solicitation requests from foreign governments

Canadian organizations wanting to bid on classified solicitation requests from foreign countries, international organizations or to create partnerships with foreign suppliers must inform the CSP of their intent by email:

What to expect during the contracting process

Canadian organizations can expect a number of actions to occur during the following 3 phases of the contracting process.

Phase 1. Preparing to bid

The CSP will:

  • help your organization understand foreign contract security requirements, and ensure they comply with the international bilateral security instrument in place with that country or international organization
  • need to approve the anticipated release of Canadian classified information to foreign entities
  • provide security screening once your organization is sponsored by the foreign NSA, the DSA or a Canadian approved source
  • assist with any required exchange of classified solicitation documents, if required

Learn how to obtain security screening for your organization.

Phase 2. Prior to contract award

The foreign government or organization responsible for the contract will:

  • contact the CSP to:
  • issue foreign security clauses for the contract or subcontract

Phase 3. After contract award

Canadian organizations that have been awarded a foreign classified contract must send the security clauses to the CSP by email:

The CSP will:

  • ensure the security requirements are in line with the international bilateral security instruments
  • assess your organization's security plans
  • process approvals for:
    • visits to secure sites and document transfers
    • program or project security instructions
    • secure electronic communications plans
    • the release of Canadian classified information to foreign entities
  • ensure compliance

Subcontracting to foreign organizations

Before subcontracting to a foreign organization, Canadian organizations must get written approval from the CSP by emailing a request:

During the approval process, the CSP will:

Requesting foreign security assurances

A foreign security assurance is the confirmation that a foreign organization and/or its personnel meet the security requirements of a solicitation request, contract, subcontract or international program. If the organization and its personnel do not meet the requirements, they will be screened at the appropriate and required level by the NSA or the DSA in their home country.

Canadian organizations need to request foreign security assurances from the CSP by sending an email:

Security assurances for Canadian organizations

The CSP provides security assurances to foreign governments for Canadian organizations bidding on classified foreign contracts.

Security assurances for foreign organizations

Canadian organizations wanting to subcontract to a foreign organization must contact the CSP to confirm the possibility to subcontract and to request a foreign security assurance, as appropriate.

During the request process, your organization will need to provide a:

  • point of contact for the foreign organization along with the:
    • email address
    • telephone number
    • physical address
    • country of origin
  • government or international organization contract number
  • security levels and requirements of the contract (for example, state whether your subcontractor will need access to classified information and assets or access only to a specific secure work site)

If available, you can also provide the organization's business registration number, equivalent to your Canadian Procurement Business Number:

  • for subcontractors based in the United States (US), this number is called the Commercial and Government Entity (CAGE) code
  • for subcontractors based in a North Atlantic Treaty Organization (NATO) country, this number is called the NATO Commercial and Government Entity (NCAGE) code

Security assurances for foreign personnel

The CSP conducts foreign security assurances for employees who hold personnel security clearances in countries that share bilateral security instruments with Canada.

To request a security assurance for foreign personnel, you must provide the CSP with the following information:

  • name, place of residence, place of birth, date of birth and citizenship of the employee
  • name and address of their employer
  • government-issued identification, such as a social security number in the US or national identity card number in other countries
  • government or international organization contract number

Exchanging protected or classified information

Canadian organizations must contact the CSP if it needs to exchange or transfer sensitive information or assets during a program, project or contract with a foreign organization, foreign government or an international organization.

The CSP will determine if the foreign organization, foreign government or international organization can receive and safeguard the information or asset.

Learn how to transfer sensitive information and assets.

Bidding on North Atlantic Treaty Organization procurement initiatives

The NATO is an alliance of 32 member countries from North America and Europe. This membership gives Canadian organizations the opportunity to bid on NATO procurement initiatives.

Learn about the NATO member countries

Learn how the NATO procurement process works by consulting the How to bid on NATO contracts and win.

NATO procurement initiatives are advertised here:

North Atlantic Treaty Organization clearances for organizations

Organizations bidding on NATO opportunities must meet the NATO security requirements listed in the procurement documents.

A NATO facility security clearance (FSC) gives access, at the appropriate security level, to information and assets to the level of:

  • NATO Confidential
  • NATO Secret
  • Control of Secret Material in an International Command (COSMIC) Top SecretFootnote 1

For contracts requiring access to NATO restricted information and assets, contact the CSP by sending an email:

How organizations get a North Atlantic Treaty Organization facility security clearance

North Atlantic Treaty Organization personnel security clearance

Once your organization is granted a NATO FSC, you need to request NATO personnel security clearances for employees to gain access to NATO classified information and assets.

Who is eligible

Once your organization is granted a NATO FSC, you can request NATO personnel security clearances for employees who are:

  • citizens of Canada or permanent residents
  • citizens of other NATO countries (the CSP will coordinate with the DSA of that country)
  • citizens of non-NATO countries at NATO Confidential or Secret clearance level, on a case-by-case basis

How personnel get a North Atlantic Treaty Organization clearance

Organizations that have obtained the required NATO FSC can request NATO personnel security clearance for their employees. Once the Canadian personnel security clearance has been granted, the CSP will send you a NATO security briefing form to be completed and signed by the company security officer and the employee. Once approved, the employee is considered NATO security cleared, with access to NATO information and assets respecting the need-to-know principle.

Learn more about NATO security requirements in Section 10.2 North Atlantic Treaty Organization of the Contract Security Manual (CSM).

Getting approval for visits to secure sites

If you are hosting a visit to a secure site in Canada, or visiting a secure site abroad, you must get approval from the CSP.

Learn how to get approval for visits to secure sites.

International bilateral security instruments

The Government of Canada works with foreign governments to safeguard the exchange of protected and classified information, and to help Canadian organizations compete internationally.

To help Canadian organizations access international contracts involving classified information, Canada has negotiated bilateral security instruments with various countries and international organizations.

The countries and international organizations are:

  • Albania
  • Australia
  • Belgium
  • Brazil
  • Bulgaria
  • Chile
  • Denmark
  • European Space Agency (ESA)
  • European Union (EU)
  • Finland
  • France
  • Germany
  • Israel
  • Italy
  • Latvia
  • NATO
  • Netherlands
  • New Zealand
  • Norway
  • Singapore
  • South Africa
  • Spain
  • Sweden
  • Switzerland
  • United Kingdom
  • United States

The Multinational Industrial Security Working Group

Canada is part of the Multinational Industrial Security Working Group (MISWG) that consists of NSAs, DSAs and their representatives who are responsible for industrial security in their country. The MISWG mission is to:

  • promote, improve and harmonize common international industrial security best practices
  • safeguard classified and certain other forms of government-controlled information in order to confront current and emerging security threats and challenges within its scope

Adoption of common templates and exchange procedures facilitate the implementation and operation of international programs and projects among the MISWG membership.

This international working group consists of:

  • all NATO countries (except Iceland)
  • Australia
  • Austria
  • Israel
  • Japan
  • New Zealand
  • Singapore
  • Switzerland
  • European Commission (observer)
  • European Defence Agency (observer)
  • ESA (observer)
  • NATO Office of Security (observer)
  • Organisation for Joint Armament Co-operation (OCCAR) (observer)

International alternative solutions

In exceptional cases where there is no international bilateral security instrument covering Canadian protected information (Protected A or Protected B only) customized international alternative solutions may be used to govern the safeguarding of Canadian protected information handled abroad for Government of Canada contracts.

With international alternative solutions:

The suitability of an alternative solutions approach is always considered on a case-by-case basis and is at the exclusive discretion of the CSP. These alternative solutions depend on:

  • the existence of a bilateral security instrument for the exchange of classified information
  • the location of the foreign suppliers and their facilities (for example, within a member country of NATO or of the EU)
  • the nature of information to be shared
  • the adequacy of the other country's privacy legislation


International alternative solutions do not apply to classified or Protected C information or assets.

Security clauses for international alternative solutions

An alternative solution mainly uses security clauses to specify the security requirements. These clauses ensure that foreign contractors or subcontractors safeguard Canadian protected information according to similar standards as Canadian suppliers on various aspects, such as:

  • personnel security screening
  • physical security
  • information technology security
  • protection of personal information

Security clauses also cover compliance visits, security breaches and the measures to be taken in case of loss or compromise of Protected A or Protected B assets and information exchanged under a contract or subcontract.

Security clauses for international alternative solutions are:

  • contract-specific
  • valid for the life of the contract or subcontract
  • not transferable between contracts or subcontracts

More information

Date modified: