I, the undersigned
(Chief executive officer or designated key senior official) (required)
of
(Company or organization legal name) (required)
hereby appoint the following Canadian citizen or permanent resident of Canada as corporate company security officer (CCSO) or company security officer (CSO) and attest that the appointee is able to fulfill all obligations relating to the position as listed below.
In relation to a designated organization screening (DOS) or a facility security clearance (FSC) within the Contract Security Program (CSP), the CCSO or CSO is responsible for:
reviewing the security requirements as defined in the contract security requirements checklist (SRCL) or contract security clauses and ensuring that all security requirements are adhered to
obtaining approval from the Canadian Industrial Security Directorate (CISD) prior to subcontracting contracts with security requirements
conducting updates and upgrades to security clearances in accordance with the required format and established time frames
appointing, briefing and training all alternate company security officers
appointing, from among the appointed alternate company security officers (ACSO), one officer to be the company security officer in their absence
identifying those employees who require access to protected and classified information, assets, or protected and classified work sites and ensuring that accurate and complete personnel security screening documentation is submitted for such employees
for designated organization screening, ensuring that all the CSO s and ACSO s are security screened to reliability status
in the case of facility security clearances, ensuring that all the organization's key senior officials and CSO and alternates are cleared to the highest level of access required
where necessary, arranging resolution of doubt interviews with employees
ensuring that employees receive a security briefing upon notification of having been granted a security clearance or reliability status by completing the security screening certificate and briefing form
ensuring that only personnel who have been security screened to the appropriate level and who have a need-to-know have access to protected and classified information and assets or controlled sites in accordance with contractual requirements
maintaining a current list of security screened employees in accordance with ARCHIVED - chapter 2 of this manual
ensuring that personnel security screening files are safeguarded properly
ensuring the security screening certificate and briefing form is submitted in order to terminate the reliability status or security clearance of those employees who no longer require access to protected and classified information and assets or controlled sites in accordance with contractual requirements
in coordination with client's security representatives, ensuring that employees working at client sites are briefed by the client concerning any relevant security requirements
ensuring the proper completion of requests for visits
informing CISD of any changes in the organization's legal status or ownership and in the case of facility security clearances, changes in the list of key senior officials
informing CISD prior to any physical move or new construction which could affect the safeguarding of protected and classified information or assets
documenting and reporting changes of circumstance or behaviour for personnel with regard to their security screening status as outlined in this manual
documenting and reporting persistent or unusual contact from another individual, or attempts by another individual to obtain access to sensitive information, assets or a facility without proper authorization
In relation to a DOS or a FSC with document safeguarding capability , the CCSO or CSO is also responsible for:
preparing ARCHIVED - Annex 1-C: Security orders and ensuring that all personnel who have access to protected and classified information and assets have been briefed on their security responsibilities through the implementation of an effective security awareness program
appointing, when required, an Information Technology (IT) corporate security coordinator and designates
appointing, when required, communication security (COMSEC) and alternate COMSEC custodians in accordance with the Industrial COMSEC Material Control Manual
ensuring that all protected and classified information and assets are safeguarded and handled in accordance with the provisions of this manual
ensuring that company security officer inspections are conducted, at least annually, of all the organization's facilities that hold protected and classified information and assets and that records of these inspections are retained for at least 3 years
providing, as a minimum, an annual inventory of protected and classified information and assets
ensuring that all security violations are recorded and subsequently investigated
ensuring that CISD is immediately notified of any breach or compromise, and that a written report is submitted to CISD as soon as possible. Investigation of breaches or instances of compromise shall be coordinated by CISD
To ensure that security issues are properly addressed and properly coordinated, it is necessary that the CSO be the official contact with the CSP . In most cases, the CSO will bring issues to the CSP by contacting the CSP client service centre at 1-866-368-4646 or ssi-iss@tpsgc-pwgsc.gc.ca . Communication with the CSP , whether written or oral, should be limited to the CSO and the ACSO (s) or the chief executive officer (CEO) or designated key senior official (KSO) of the organization.