Organization security clearances
Public Services and Procurement Canada's (PSPC) Contract Security Program (CSP) can help your organization obtain the level of security clearance it needs to bid or work on government contracts. Explore the types of organization security clearances we offer and find out how to determine what type of clearance your organization needs to fulfill a contract's requirements.
On this page
- Finding the clearance you need
- Types of organization security clearances
- Organization security safeguards
- Designated organization screening
- Facility security clearance
- Document safeguarding capability
- Production capability
- Shredding capability and bulk storage capability
- Authority to process information technology
- Communications security and information security
Finding the clearance you need
The type of clearance your organization needs is determined by the requirements of the contract, and will be listed in the request for proposal and the clauses of the contract.
Types of organization security clearances
Organization security safeguards
The following safeguarding capabilities may be required for specific contracts:
Designated organization screening
A designated organization screening (DOS) allows organizations to get security screening for their personnel at the reliability status level.
In some cases, a DOS is required before you bid on a contract. This requirement will be stated in the request for proposal.
Learn more about the DOS in Chapter 3: Registration – section 3.2.1 Levels of clearance of the Contract Security Manual.
How to obtain a designated organization screening
Organizations obtain a DOS through the organization screening process.
Facility security clearance
A facility security clearance (FSC) allows an organization to clear their personnel at the classified level in order to access classified information, assets and work sites. In some cases a FSC is required before you bid on a contract.
It can be granted at the following levels:
- confidential
- secret
- top secret
- North Atlantic Treaty Organization (NATO) clearances
This clearance may also allow access to classified information and assets marked "Canadian Eyes Only", "COMSEC" (communications security), and "NATO".
Organizations bidding on NATO opportunities must meet the security requirements listed in the contract.
- Learn more about international contract security requirements
- Consult Chapter 9: International Security of the Contract Security Manual
- Find out about bidding on North Atlantic Treaty Organization contracts
Learn more about the FSC in Chapter 3: Registration – section 3.2.1 Levels of clearance of the Contract Security Manual.
How to obtain or upgrade a facility security clearance
Organizations obtain a FSC through the organization screening process.
Document safeguarding capability
Document safeguarding capability (DSC) authorizes an organization to store and handle protected or classified information or assets at their work site(s).
This capability can be granted at the following levels:
- Protected A, B and C
- confidential, secret, top secret and NATO confidential, Control of Secret Material in an International Command (COSMIC) top secretFootnote 1
To obtain a DSC, your organization must hold a DOS or a FSC.
This capability is site-specific. It is required for each of your work sites where you will be performing work with security requirements.
How to obtain document safeguarding capability
Organizations obtain DSC through the organization security screening process, and by completing a successful site inspection by a field industrial security officer (FISO).
Production capability
A production capability designation may be required if your organization builds, manufactures, repairs, modifies or works on sensitive products at your work site. It is contract specific.
How to obtain production capability
Organizations obtain production capability designation through the organization screening process, and by completing a successful site inspection by a FISO.
Shredding capability and bulk storage capability
Shredding capability and bulk storage capability are security designations that the program may grant to organizations who are required by contract to:
- destroy sensitive information or assets
- store bulk information or assets at their work site
How to obtain a shredding capability and bulk storage capability
Organizations obtain a shredding capability and bulk storage capability through the organization screening process, and by completing a successful inspection by a FISO.
Authority to process information technology
Organizations must get authority to produce, process, store or transmit information electronically for contracts requiring information technology security. It may be granted to organizations producing, processing, storing or transmitting sensitive information electronically for a specific contract.
Find out about information technology security requirements
How to obtain authority to produce, process, store, or transmit information electronically
Organizations obtain authority to produce, process, store, or transmit information electronically through the organization screening process, and by completing a successful inspection by an information technology (IT) security inspector with the Program.
Information technology inspections
IT security inspections are performed after contract award—but before your organization begins producing, processing, storing or transmitting sensitive electronic information.
Your organization must get an authority to process information electronically approval letter from the Program before you begin producing, processing, storing or transmitting sensitive electronic information.
Communications security and information security
Organizations may need to get communications security (COMSEC) and information security (INFOSEC) for contracts requiring IT security.
- COMSEC: a security requirement for safely storing, processing, transmitting and receiving telecommunications, such as a computer network
- INFOSEC: a special category of classified communication electronic security information
How to obtain communications security and information security
COMSEC and INFOSEC are granted by the Communications Security Establishment, Canada's national cryptologic agency. The CSP conducts the physical security inspection related to COMSEC and INFOSEC.