Security incident report form for security officers

Following a security incident or breach, the company security officer (CSO) or alternate company security officer (ASCO) must provide the information requested in accordance with Annex A: Guidelines on company security officer and alternate company security officer responsibilities – Section VI. Security violations, breaches and compromises of the Contract Security Manual (CSM).

Do not submit protected and/or classified information by email with this report

When submitting this report, clearly indicate in your email message whether you must submit sensitive information as part of the incident reporting. The program analyst assigned to the file will contact you to make the necessary arrangements to obtain these documents.

Organization name (required)

Organization number (this number can be found on your organization clearance letter) (required)

Date of the incident (yyyy-mm-dd) (required)

Local time of the incident (between 00:00 and 23:59) (required)

First and last name of company security officer or alternate company security officer (required)

Email address (required)

Office phone number (required)

Cellular phone number

Location of the incident (required)

1. What is the nature of the incident and where and when did it occur? (required)

2. Who reported it, to whom, and when? (required)

3. What information or asset was involved (in detail)? (required)

4. What was the security marking and description of the information or asset involved? (required)

5. Who originated the information or asset? (required)

6. When, for how long, and under what circumstances was the information or asset vulnerable to unauthorized disclosure, and to whom was it disclosed or transmitted? (required)

7. What actions were taken to secure the information or asset and limit the damage? (required)

8. Is any information or asset lost or unaccounted for? (required)

Reminder

Annex A: Guidelines on company security officer and alternate company security officer responsibilities – Section VII. Reporting of the CSM states:

Upon receiving an incident report, the CSO or ASCO must immediately conduct a preliminary inquiry to determine all of the circumstances and report the incident to Public Services and Procurement Canada’s Contract Security Program (CSP) within 24 hours. If the results of a preliminary inquiry indicate a suspected or actual breach or compromise of information and assets, the CSO or ASCO must immediately notify the CSP.

Print this page for your records

Before you select "Submit", print this page for your records.

Organizations must keep records of incident reports for a period of 2 years following the incident. These records are subject to inspection and assessment by the CSP.

Send your report to the Contract Security Program

Once you have printed a copy of your incident report, you must, select "Submit" in order to send a copy to the CSP. Printing the incident report does not automatically submit a copy to the program.

Date modified:: 2024-02-08