7.55. Contract security requirements

Attention! We're Moving! This fall, the Supply Manual will be moving to the CanadaBuys website. Check out the new landing page for the Supply Manual.

  1. For every proposed procurement, the client departments must identify the security requirements by completing a Security Requirement Check List (SRCL) or else certify in writing that there are no security requirements (date of no security requirement must be included).
  2. The contracting officer must verify with the Contract Security Program (CSP), and not by using the security indicator from the Vendor Information Management (VIM) system, that the proposed contractor meets the security requirements before contract award. For more information, see 5.15 Verifying compliance with security requirements.
  3. Contracting officers must include a comment on the front page of the contract, standing offer, or supply arrangement, as follows:
  4. If applicable, the document index shall contain the block entitled:
    "Security Requirement(s)"
    AND, if applicable
    "Location(s) of Work Performance"
  5. If the contract, standing offer or supply arrangement contains security requirements, the contracting officer must forward a copy of the contract, standing offer or supply arrangement, and any amendments, or revisions, to the CSP within two working days of the document being issued. Contracting officers may send a PDF version of the document by e-mail to tpsgc.ssicontrats-isscontracts.pwgsc@tpsgc-pwgsc.gc.ca.
  6. When contracting for destruction of protected and classified government materials, contracting officers must be aware of the additional measures required and manage the risks associated with the destruction of protected and classified government materials. The Corporate Security Technical Standard defines PWGSC corporate policy and procedures relating to classified waste destruction, and should follow the interim standard, regarding classification levels of shredders, and complete the appropriate form ARC 0203, Request for Non-Accessioned Disposal, for the destruction of sensitive documents.
    PWGSC threshold may be exceeded when administering destruction contracts on behalf of other client departments, based on the client's threat risk assessment. If such is the case, the client may develop a security guide as amplifying instructions, which is to be attached to the Security Requirements Check List (SRCL) and the Statement of Work.
  7. IMPORTANT: For foreign classified information, consult with the CSP’s International Industrial Security Directorate (IISD) before undertaking destruction.