Authors: Meagan Vestby, Ben Mills
The Contract Security Program (the “CSP”), ran by Public Services and Procurement Canada (“PSPC”), provides security screening for organizations and their personnel to fulfill the security requirements in a Government of Canada contract. It is typical for a Government of Canada contract to contain security requirements when access to Canadian or foreign protection or classified information, assets or sites is required in the exercise of the contract. If a Government of Canada contract has security requirements, they will be clearly stated in the Government of Canada’s request for proposal. It is mandatory for your organization to register with PSPC’s CSP before you can begin work on a Government of Canada contract with security requirements.
By registering in the CSP, your organization enters into an agreement with the Government of Canada to: (1) meet the security requirements in the Contract Security Manual (“CSM”) and any other security requirements in a contract awarded to the organization, (2) allow for the Government of Canada to conduct security inspection at your facilities, and (3) cover any security related costs.
Organizations should not register in the CPS until fully appreciating the implications and potential costs of participating in the program.
If your organization is considering participating in a Government of Canada procurement process, which includes security requirements, the CSM is an indispensable resource. The CSM outlines the requirements organizations must follow if they are awarded a government contract with security requirements. The CSM replaced the previously issued Industrial Security Manual (“ISM”) and the CSM will supersede the ISM for contracts dated after August 12, 2020. It is important to note, the CSM is modified on an ongoing basis. Organizations should refer to the electronic version periodically to ensure the security information your organization relies upon is up-to-date.
When your organization begins a Government of Canada procurement process, you will be required to complete a “security requirement checklist” outlining the security requirements in a contract. The specific security requirements are identified in the solicitation document and the security requirement checklist will form part of the bid solicitation documents. The contract authority ensures that all requirements, clauses, and any supplementary remarks regarding the security requirements are included in the legally binding contract documentation. That is why organizations participating in the procurement process should not sign a contract until they fully understand the implications and potential costs of the security requirements. Finally, the Canadian Industrial Security Directorate will verify that your organization meets the security requirements of the bid solicitation.
If your organization is participating in a Government of Canada procurement process, the solicitation requires a security clearance, and your organization does not have one, you should contact the contracting authority as soon as possible to get the security clearance process started. The time required to obtain a security clearance will vary in some cases may take up to 12 months. Delays in the security process could result in your bid being declared non-responsive.