ARCHIVED Security in Contracting and Changes to the 9200 Requisition Form

Attention! We’ve Moved! The Supply Manual has moved to the CanadaBuys website. Check out the new landing page for the Supply Manual.

Attention! We’ve Moved! The SACC has been archived and moved to the CanadaBuys website. Check out the new landing page for the archived SACC manual

Archived Content

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Item Information

Policy Notification ID
PN-85
Associated SM version
2007-2
Effective date
2007-10-31
Pilot policy
No

Introduction

The purpose of Policy Notification (PN) 85 is to update contracting officers on requirements related to security in contracting and the PWGSC-TPSGC 9200 requisition form, and to incorporate new procedures into the Supply Manual.

Policy

This PN, effective immediately, provides instructions and guidance to contracting officers to:

  1. clarify that security requirements apply not only to contracts, but also to Standing Offers (SOs), Supply Arrangements (SAs), and amendments;
  2. ensure that security risk mitigation procedures are established and documented in cases where security clearances are pending;
  3. provide the Canadian Industrial Security Directorate (CISD) with a copy of the contract/SO/SA/amendment within two days after the document is issued; and
  4. advise CISD of cancelled requirements immediately.

Contracting officers are also advised that the PWGSC-TPSGC 9200 form (Requisition for Goods and Services and Construction) has been updated to include a revised security block. The client must now indicate both whether the requisition includes security provisions and whether a Security Requirement Check List (SRCL) is required. If no SRCL is required, but the requirement does include security provisions, the client must explain why in the requisition (e.g. a procurement that invokes the National Security Exception of a trade agreement). With the revised security block, the client must now also certify that the requisition, including any attached SRCL, accurately details the security provisions of the requirement. It is the client's responsibility to determine the required level of authority of the personnel authorized to provide the security certification on the requisition; however, it is anticipated that the client's technical/project authority will be completing the certification. Contracting officers must review the requisition to ensure that the most recent version of the form has been used, that the security block has been completed and certified, and that any required SRCL has been attached.

The 9200 form has also been updated to make it clearer to clients that certification of both of the following signature blocks is mandatory:

  1. "Pursuant to Subsection 32(1) of the Financial Administration Act, funds are available."
  2. "The Undersigned approves this requisition, certifies that the necessary approvals have been obtained and requests PWGSC to acquire and provide the goods and/or services described herein."

The Subsection 32(1) certification is mandatory - it is required by the Financial Administration Act itself. Certification that, "the necessary approvals have been obtained", is not the equivalent of certifying that funds are available pursuant to Subsection 32(1). Contracting officers must ensure that the requisition includes both of these certifications, plus the new security block certification.

Contracting officers are advised that call-up forms PWGSC-TPSGC 236, 942, 942-2, 944 and supply arrangement contract forms PWGSC-TPSGC 9170 and 9200-11 have been updated to make it clearer to clients that both of the following signature blocks must be completed:

  1. "Pursuant to subsection 32(1) of the Financial Administration Act, funds are available."
  2. "Approved for the Minister".

Supply arrangement contract form PWGSC-TPSGC 9200-11 has also been modified to include the same security block as the call-up forms.

Revisions

Refer to Annex A of this document for changes to the Supply Manual. The changes will be incorporated into Version 07-02 of the Supply Manual, to be released November 30, 2007.

It should be noted that the Supply Manual is an evolving document. The electronic version of the Guide, available on PWGSC Website, is updated generally twice a year and, between these updates, it is revised, on an interim basis, via Policy Notifications.

Contact

N/A


Top of Page

Annex A - REVISIONS TO SUPPLY MANUAL

Chapter 1 - Overview

Public Works and Government Services Canada Procurement

1.001 (2007-xx-xx) This Manual describes the supply activities of Public Works and Government Services Canada (PWGSC). It contains relevant laws, regulations, government and departmental policies. It explains why and how the Department carries out its supply activities. The intended audience is PWGSC contracting officers.

This Manual is an evolving document as the legislative, policy and procedural framework for government contracting is not static. The electronic version of the Supply Manual, available on PWGSC Website, is generally updated twice a year. As an interim measure, Policy Notifications are used to implement new or modified policies, procedures, and/or clauses and conditions, until they can be incorporated into the relevant manual(s), that is the Standard Acquisition Clauses and Conditions Manual or Supply Manual.


Top of Page

Chapter 3 - Requisition Receipt

Review

Industrial Security Requirements

3.009 (2007-xx-xx) All requisitions and requisition amendments, for contracts, standing offers (SOs) or supply arrangements (SAs), containing a requirement for physical security, information technology security or personnel security screening, must include a Security Requirements Check List (SRCL). The client may complete the SRCL either electronically (referred to as an E-SRCL) via the online SRCL service, or in hard copy using the SRCL form TBS/SCT 350-103.

The Canadian Industrial Security Directorate (CISD) of Public Works and Government Services Canada (PWGSC) is responsible for administering the security in contracting component of the Industrial Security Program.

CISD's online SRCL service allows a client department to complete the SRCL form via the internet in a secure environment. With the online SRCL service, CISD can provide the security clauses for insertion into the bid solicitation document prior to the receipt of a signed hard copy of the SRCL, thereby expediting the process. Once CISD receives the SRCL, its turnaround time to provide the security clauses is two (2) working days for an E-SRCL and fifteen (15) working days for a hard copy of the SRCL.

  1. The following procedures apply when the client department has chosen to use the online SRCL service:
    1. The client department completes the E-SRCL and submits the form to the Departmental Security Officer (DSO), or delegated Security Authority, for electronic approval.
    2. The DSO verifies the content of the form, and if acceptable, approves it and forwards it to CISD via e-mail for preparation of the security requirements clauses. The DSO may also send carbon copies of this e-mail to the client and the PWGSC contracting officer, if known.
    3. CISD replies to the DSO's e-mail, with carbon copies to all those on the addressee list, by providing the appropriate security requirement clauses, to be included in the resulting bid solicitation and resulting contract/SO/SA.
    4. The client department must send PWGSC the latest version of the form, with the security block completed and certified, and with a hard copy of the SRCL attached, complete with signatures of the "Organization Project Authority" (Block 13) and the "Organization Security Authority" (Block 14). The SRCL must be either the original or a high quality facsimile.
    5. The contracting officer must review the requisition to ensure that the latest version of the form has been used, that the security block has been completed and certified, and that any required SRCL has been attached. The contracting officer should also notify the client who will then forward the e-mail from CISD, including the E-SRCL and CISD clauses, to the contracting officer. The contracting officer may then include the SRCL and clauses in the bid solicitation and proceed with issuing the bid solicitation in accordance with all applicable policies and procedures.
    6. In order to obtain the signature of CISD on a hard copy of the SRCL for appending to the resulting contract/SO/SA document, the PWGSC contracting officer must forward the following documentation to CISD via mail or fax:
      • the SRCL;
      • requisition/amendment cover page;
      • a copy of those portions of the requisition/amendment documentation which contain statements about security, and

      if applicable, a short list of any identified potential suppliers.
      The contracting officer must also advise CISD of:

      • whether the bid solicitation will result in a contract award, an SO or an SA; and
      • the period of the contract/SO/SA.

      For requirements that will result in an SO or an SA, the contracting officer must provide CISD with a copy of the Request for Standing Offer or Request for Supply Arrangement, as applicable. For requirements that will result in contract award, CISD will not normally require a copy of the bid solicitation.

    7. CISD will review the documentation, sign the SRCL as the Contracting Security Authority (Block 17) and return the signed SRCL to the PWGSC contracting officer for attachment to the resulting contract/SO/SA document, along with information on the organization's security status of any identified potential suppliers.
    8. Before contract award, the contracting officer must verify with CISD that the proposed contractor meets the security requirements of the bid solicitation. The contracting officer must also verify that any proposed subcontractors who will have access to any sensitive and/or classified information and/or work sites also meet the security requirements of the bid solicitation. If the proposed contractor and required subcontractors meet the necessary security requirements, the contracting officer must sign the SRCL at Block 16 and include the fully-signed SRCL as an annex in the resulting contract/SO/SA document.
    9. The contracting officer must provide a copy of the contract/SO/SA/amendment to CISD within two (2) working days after the document is issued. Contracting officers may send a PDF version of the document by e-mail to "SNCR ISR CONTRACTS" using Microsoft Outlook or sncrcontracts@tpsgc-pwgsc.gc.ca.
    10. If a requirement is cancelled, the contracting officer must advise CISD immediately.
  2. The following procedures apply when the client has chosen to complete the SRCL form in hard copy, without the use of CISD's online SRCL service:
    1. The client completes the SRCL using form TBS/SCT 350-103 and obtains the signature of the DSO or delegated Security Authority at Block 14. The client must send PWGSC the latest version of the form, with the security block completed and certified, with the signed SRCL attached. The SRCL must be either the original or a high quality facsimile.
    2. The PWGSC contracting officer must review the requisition to ensure that the latest version of the form has been used, that the security block has been completed and certified, and that any required SRCL has been attached.

      The PWGSC contracting officer must then forward the following documentation to CISD via mail or fax:

      • the SRCL;
      • requisition/amendment cover page;
      • a copy of those portions of the requisition/amendment documentation which contain statements about security, and
      • if applicable, a short list of any identified potential suppliers.

      The contracting officer must also advise CISD of:

      • whether the bid solicitation will result in a contract award, an SO or an SA; and
      • the period of the contract/SO/SA.
    3. CISD will review the documentation, sign the SRCL as the Contracting Security Authority (Block 17), and return the signed SRCL, along with the appropriate security requirement clauses and information on the organization's security status of any identified potential suppliers. The contracting officer may then proceed to include the SRCL and clauses in the bid solicitation. (The SRCL page with signatures may be omitted from the bid solicitation , but the SRCL signature page must be included in the resulting contract.)

      For requirements that will result in an SO or an SA, the contracting officer must provide CISD with a copy of the Request for Standing Offer or Request for Supply Arrangement, as applicable. For requirements that will result in contract award, CISD will not normally require a copy of the bid solicitation.

    4. Before contract award, the contracting officer must verify with CISD that the proposed contractor meets the security requirements of the bid solicitation. The contracting officer must also verify that any proposed subcontractors who will have access to any sensitive and/or classified information and/or work sites also meet the security requirements of the bid solicitation. If the proposed contractor and required subcontractors meet the necessary security requirements, the contracting officer must sign the SRCL at Block 16 and include the fully signed SRCL as an annex in the resulting contract.
    5. The contracting officer must provide a copy of the contract/SO/SA, and any amendments, to CISD within two (2) working days after the document is issued. Contracting officers may send a PDF version of the document by e-mail to "SNCR ISR CONTRACTS" using Microsoft Outlook or sncrcontracts@tpsgc-pwgsc.gc.ca.
    6. If a requirement is cancelled, the contracting officer must advise CISD immediately.

Requisition Checklist

3.020 (2007-xx-xx) All requisitions must be reviewed for acceptability, ensuring that they are properly coded and completed, so that procurement action can continue. The review should address the following:

  • Has the requisition been properly allocated?
  • Is the requisition authorized properly? The client must certify that:
    1. pursuant to Subsection 32(1) of the Financial Administration Act, funds are available;
    2. the requisition is approved, that the necessary approvals have been obtained, and that the client requests PWGSC to acquire and provide the goods and/or services described; and
    3. the requisition, including any attached SRCL, accurately details the security provisions of the requirement.

    Requisitions received via the REQNET (Requisitions on the Net) or UABEI (Universal ABE Interface) electronic interfaces are deemed to have been properly authorized with all signatures pursuant to the Financial Administration Act.

  • Is the security block of the requisition completed? If a Security Requirements Check List is required, is it attached?

Top of Page

Chapter 5 - Sourcing Strategy

Standing Offer

Industrial Security

5.186 (2007-xx-xx) The contracting officer, in conjunction with the client must determine:

  1. the minimum level of security required by potential offerors to participate in the standing offer method of supply.

    Security requirements must be stipulated in both the RFSO and the Standing Offer and Call-up Authority. Call-ups must identify, when applicable, security requirements that are in accordance with the terms and conditions of the standing offer. A Security Requirements Check List (SRCL), must be attached to any such call-up, and a copy must be forwarded to PWGSC Industrial Security for action, when the call-up is made.

    OR

  2. if the standing offer is NOT to be used with call-ups where any level of security is required.

Refer to 3.009, 6C.270 - 6C.278, and 7E.534 - 7E.536 for additional information on handling procurements with security requirements.


Top of Page

Section 6C: Risk Management

Industrial Security Requirements (Personnel or Organization)

6C.271 (2007-xx-xx) Protected/Classified information or assets for transmittal outside of Canada must only be forwarded to the Document Control Section (DCS) of CISD. Onward transmission and receipt through approved security channels will be undertaken by DCS.

6C.272 (2007-xx-xx) Upon receipt of the Security Requirements Check List (SRCL) form TBS/SCT 350-103 (see 3.009 for step-by-step procedures on handling SRCLs), CISD will:

  1. review the SRCL and attachments for completeness, clarity, and authorized signatures;
  2. obtain clarification from the Public Works and Government Services Canada (PWGSC) contracting officer, who will then liaise with the client department as necessary;
  3. ensure that the participating countries have the appropriate Industrial Security MOUs/Arrangements/Agreements with Canada;
  4. sign the SRCL form as the Contracting Security Authority and provide the contracting officer the appropriate security requirements clauses;
  5. provide information to the contracting officer on the organization's security status of identified potential suppliers;
  6. provide information to Canadian suppliers on the preparation and transmission of Protected or Classified information/assets. Classified information/assets must be forwarded to Document Control Section.

6C.273 (2007-xx-xx) Provided that it would not discriminate unfairly between potential suppliers, a solicitation may include an appropriate organization's security screening/clearance level as a mandatory technical requirement on or before the bid closing date. Alternatively, the required organization's security screening/clearance level may be obtained after selection of the potential contractor, provided the solicitation does not contain Protected/Classified information. (Refer to 3.009 and 7E.534 - 7E.536 for additional information on handling procurements with security requirements.)


Top of Page

Section 7E: Contract Award

Verifying Compliance that Personnel and an Organization's Security Status meet Security Requirements

7E.534 (2007-xx-xx) If the proposed contract contains personnel, information technology and/or physical security requirements, before it is awarded, a copy of the appropriate documentation must have been forwarded to the Canadian Industrial Security Directorate (CISD) for verification that all necessary security measures have been addressed. (See 3.009, 6C.270 - 6C.278 for additional information on handling procurements with security requirements.)

7E.535 (2007-xx-xx) For those cases where required security clearances are pending, but for urgent reasons, the contractor must begin the work, the client department must first provide, in writing to the contracting officer, the security risk mitigation procedures to ensure that (i) the contractor (and any subcontractors) will only perform those portions of the work that do not involve security requirements, and (ii) the contractor/subcontractors will not gain access to any sensitive and/or classified information and/or work sites, until the required security clearances are obtained.

The contracting officer must then obtain CISD's approval of these procedures, liaising with CISD and the client department, as necessary. The client department will have to provide the PWGSC contracting officer with a threat and risk assessment (TRA). Both the security risk mitigation procedures and TRA provided by the client department's Departmental Security Officer (DSO) and CISD's approval for these procedures must be documented on the file.

The client department will be responsible for ensuring that the identified security risk mitigation procedures are enforced so that the contractor/subcontractors will not gain access to any sensitive and/or classified information and/or work sites before the clearances are obtained.

7E.536 (2007-xx-xx) If, at any time during the period of the contract/SO/SA, the contracting officer becomes aware that a subcontractor, whose security status has not been verified with CISD, will be required to have access to any sensitive and/or classified information and/or work sites, the contracting officer must verify with CISD that the subcontractor meets the security requirements.


Top of Page

Section 7F: Completing the Contracting Process

Industrial Security Requirements

7F.724 (2007-xx-xx) If the contract/SO/SA contains security requirements, a copy of the contract/SO/SA document must be forwarded to the Canadian Industrial Security Directorate within two (2) working days after the document is issued. Contracting officers may send a PDF version of the document by e-mail to "SNCR ISR CONTRACTS" using Microsoft Outlook or sncrcontracts@tpsgc-pwgsc.gc.ca. (Refer to 3.009, 6C.270 - 6C.278, and 7E.534 - 7E.536 for additional information on handling procurements with security requirements.)


Top of Page

Section 9J: Supply Arrangements

9J.4 (2007-xx-xx) Before establishing a supply arrangement, the contracting officer will prepare and issue a competitive Request for a Supply Arrangement, which will allow for a suitable pool of suppliers under the stated evaluation criteria. Industrial Security requirements (i.e. Personnel, Physical and Information Technology security) should be identified at this time, when any or all of these security aspects will be applicable to all clients of the supply arrangement. (Refer to 3.009, 6C.270 - 6C.278, and 7E.534 - 7E.536 for additional information on handling procurements with security requirements.)

Feedback about this web site