Industrial Security Manual
The Industrial Security Manual is a guide for private sector organizations bidding and working on sensitive Government of Canada contracts. Organizations registered with the Contract Security Program must be compliant with the security requirements set out in this manual.
This manual is issued under the authority of, and pursuant to, the Department of Public Works and Government Services Act and the Treasury Board Policy on Government Security. It is designed to address all aspects of the requirements of Public Services and Procurement Canada’s Contract Security Program. The program is mandated to ensure that security practices are established and maintained by private sector organizations with access to classified and protected government information and assets when under contract to the Government of Canada.
Every organization and individual provided with a security clearance under the Contract Security Program must be familiar with the contents of the Security of Information Act. This act identifies the penalties for mishandling classified information or communicating classified information to an unauthorized person.
In addition, when implementing the requirements of the program, consideration must always be given to the privacy of individuals as defined in the Privacy Act, and access to information in records as defined in the Access to Information Act.
Table of contents
Chapter 1: General introduction
- 100. Industrial Security Manual
- 101. Policy on Government Security
- 102. Contract Security Program
- 103. Appointment of the company security officer and alternates
- 104. Responsibilities of the company security officer
- 105. Corporate company security officer
Annexes
Part I: Reliability status
- 200. General
- 201. Reliability status
- 202. Access to protected information, assets or sites
- 203. Pre-screening requirements
- 204. Procedures for requesting a Reliability status
- 205. Security screening, certificate and briefing form (TBS 330-47)
- 206. Transfer of reliability status between organizations
- 207. Inability to grant, or denial of a reliability status
- 208. Reliability status records
- 209. Reports
Part II: Personnel Security Clearances
- 250. General
- 251. Organization's responsibilities relating to a personnel security clearance
- 252. Pre-screening requirements
- 253. Procedures for requesting a personnel security clearance
- 254. Special cases
- 255. Security screening certificate and briefing form (TBS/SCT 330-47)
- 256. Transfer of security clearances between organizations
- 257. Inability to grant, or denial of security clearance
- 258. Personnel security clearance records
- 259. Reports
Chapter 3: Facility security clearances, Part I—Designated organization screening (protected)
- 300. General
- 301. Care and custody of protected information and assets
- 302. Pre-contractual negotiations
- 303. Government of Canada security agreement
- 304. Types of designated organization screening
- 305. Status of designated organization screening
- 306. Period of validity
- 307. Site clearances within an organization
Chapter 3: Facility security clearances, Part II—Facility security clearances (classified)
- 350. General
- 351. Personnel security clearances for key senior officials
- 352. Parent organizations
- 353. Foreign ownership, control or influence
- 354. Care and custody of classified information and assets
- 355. Pre-contractual negotiations
- 356. Government of Canada security agreement
- 357. Types of facility security clearances
- 358. Status of facility security clearance
- 359. Period of validity
- 360. Site clearances within an organization located in Canada
- 361. Branch office outside of Canada
- 362. Reciprocal facility security clearances
Annexes
- Annex 3-A: Designated organization screening requirements (protected information)
- Annex 3-B: Facility security clearance requirements (classified information)
- Annex 3-C: Facility security clearance requirements (NATO classified information)
- Annex 3-D: Resolution of exemption of parent organization form
- Annex 3-E: Non-disclosure certificate form
- Annex 3-F: Subsidiary board resolution noting parent's exclusion and resolution to exclude parent organization form
- Annex 3-G: Public Services and Procurement Canada security agreement
Chapter 4: Facility safeguarding
- 400. General
- 401. Physical security
- 402. External areas and perimeters
- 403. Control of Access to secure zones
- 404. Security of recorded information
- 405. Security of assets
Chapter 5: Handling and safeguarding of classified and protected information and assets
- 500. General
- 501. Security warning for contractor produced publications
- 502. Marking classified and protected information
- 503. Records management
- 504. Safeguarding of information and assets
- 505. Use of laptop computers
- 506. Packaging and transmittal of classified and protected information and assets
- 507. Temporary removal of classified and protected information and assets
- 508. Reproduction
- 509. Reclassification and declassification
- 510. Retention
- 511. Destruction
- 512. Security violations, breaches and compromises
- 513. Verbal and message communication
Annexes
- Annex 5-A: Registering a document for equipment purchase form
- Annex 5-B: Approved equipment available for purchase by organizations
- Annex 5-C: Standard for the transmittal of classified and protected information and assets
- Annex 5-D: Arrangement for the hand carriage of classified/Protected B documents, equipment and/or components within Canada
- Annex 5-E: Arrangements for escorting Secret, Confidential or Protected C bulk shipments within Canada that cannot be hand carried
Chapter 6: Classified request for visit protocol for Canadian-based industry
- 600. General
- 601. Types of request for visit
- 602. Mandatory prerequisites
- 603. Categories of request for visit
- 604. Information required for request for visit (by category)
- 605. Lead-time requirements
- 606. Procedures for urgent visits as a result of an invitation
- 607. Amendments
- 608. Obligation to notify host organization
- 609. Host organization responsibilities
- 610. Visiting organization responsibilities
- 611. Project lists
- 612. Unclassified visits
Annexes
- Annex 6-A: Request for visit form
- Used by organizations in Canada or abroad to request a visit to a Government of Canada site
- Annex 6-B: Lead-time requirements
Chapter 7: Classified and protected contracts
- 700. General
- 701. Contract responsibility
- 702. Contract security instructions
- 703. Subcontracts
- 704. Subcontracting to organizations outside of Canada
- 705. Standing offers
- 706. Publicity
- 707. Foreign release and export sales
Annexes
Chapter 8: Information technology security
- 800. General
- 801. Organization and administration
- 802. Roles and responsibilities
- 803. Requirements for emission security
- 804. Secure telecommunications requirements
- 805. Security of communications security information and assets
Chapter 9: Security requirements for the North Atlantic Treaty Organization
- 900. General
- 901. Personnel security clearances
- 902. Facility security clearances
- 903. Handling of classified North Atlantic Treaty Organization information
- 904. Visits
- 905. Contracts
Chapter 10: Joint Certification Program
- 1000. General
- 1001. Joint certification process
- 1002. Unclassified visits
- 1003. Contact point
Chapter 11: International security issues
- 1100. General
- 1101. Roles and responsibilities
- 1102. Foreign disclosure policy
- 1103. Bilateral security agreements
- 1104. Multinational armaments cooperative programs with North Atlantic Treaty Organization allies
- 1105. Handling and safeguarding of foreign classified information and assets
- 1106. Protected information
- 1107. Restricted information
- 1108. Security requirements for contracts awarded to foreign interests
Chapter 12: Security education
- 1200. General
- 1201. Suggested security briefing content