ARCHIVED – Annex 1-C: Security orders
Archived information
This information has been archived and replaced by the Contract Security Manual.
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived.
1. Introduction
Each organization granted a designated organization screening (DOS) or facility security clearance (FSC) must produce a document that guides and directs employees on the security measures they must implement in the organization. It may be titled: company security manual, security orders, or security policies and procedures. It must be based on the Industrial Security Manual but avoid reproducing the manual in its entirety. Instead, develop security orders for the specific facility holding the FSC.
2. Suggested topics
- Contract Security Program and its legal authority
- Security references
- Security organization:
- corporate company security officer (CCSO) and alternate
- company security officer (CSO) and alternate
- electronic data processing (EDP) security coordinator and security designates
- communication security (COMSEC), COMSEC custodians and alternate security staff
- designated organization screening and facility security clearance
- security staff
- Designated organization screening or facility security clearance:
- level of security
- Safeguarding of information and assets:
- Protected information:
- Protected C
- Protected B
- Protected A
- Classified information:
- Top Secret
- Secret
- Confidential
- Protected information:
- Personnel security screening:
- the requirement for screening certain employees (need-to-know basis)
- the positions requiring screening
- the procedures for requesting screening
- the requirement for the employee to provide personal information
- the protection that must be afforded to this information
- the requirement for employees to notify security personnel of significant changes in personal status
- records of screened personnel
- security briefing documentation
- Procedure for persons terminating employment
- Security education and awareness
- Handling of classified visits
- Handling of unclassified visits
- Physical security:
- zones
- public access
- reception
- operations
- security
- high security
- Access controls:
- business hours and silent hours
- badges and identification cards
- employees, visitors, cleaners and maintenance personnel:
- authorization
- logging and registration
- escorting
- recording devices (like cameras or tape recorders)
- Intrusion alarms
- Security response
- Police response
- Fire, bomb and other emergencies:
- notification
- response
- evacuation
- contingency plans
- Handling of protected and classified information and assets:
- marking
- recording
- inventory
- storage
- secure containers
- combinations
- Identification cards and passwords
- protection during use
- sensitive discussion areas (SDA)
- packaging and transmittal
- removal
- reproduction
- reclassification and declassification
- destruction
- musters
- procedures during an emergency
- Special North Atlantic Treaty Organization (NATO) requirements
- Security incidents:
- violations, breaches and compromise
- reporting
- investigation
- Visit clearance procedures:
- national
- international
- Contract security requirements:
- Security requirements check list (SRCL)
- subcontracting
- publicity
- Foreign contract security requirements:
- third party access restrictions
- memorandum of understanding (MOU)s and arrangements in place
- Information technology security (ITS):
- standards
- inspections
- approvals
- government responsibilities
- COMSEC
- telecommunications:
- voice
- data
- video
- fax
- telex
- United States—Canada Joint Certification Program
- Where to obtain security information
- List of abbreviations and acronyms
- List of definitions