International contract security requirements
Find out how Public Services and Procurement Canada's Contract Security Program (CSP) can help your organization get the security clearance it needs to compete in the global marketplace. Learn how to fulfill security requirements when your organization is contracting or subcontracting with a foreign government or organization or if your organization is foreign and looking to bid on a Government of Canada contract.
On this page
- Security requirements for international contracts
- Bidding on Government of Canada solicitation requests with security requirements
- Bidding on classified solicitation requests from foreign governments
- Subcontracting to foreign organizations
- Requesting foreign security assurances
- Exchanging protected or classified information
- Bidding on North Atlantic Treaty Organization procurement initiatives
- Getting approval for visits to secure sites
- International bilateral security instruments
- International alternative solutions
- More information
Security requirements for international contracts
Security requirements are clauses written into government solicitation documents and contracts with private sector organizations. They specify what levels of security are required to safeguard sensitive information, assets and work sites.
Security requirements for international programs and projects may be listed in the:
- request for proposal
- contract security clauses
- Security requirements check list form (TBS/SCT 350-103)
- security aspects letter which includes the security requirements of the contract
- program or project security instructions which includes additional details of the security requirements of the international program or project
Bidding on Government of Canada solicitation requests with security requirements
Foreign organizations wanting to bid on Government of Canada solicitation requests with security requirements must contact their home country's national security authority (NSA) or designated security authority (DSA). These authorities are the government organizations responsible for contract security also known as “industrial security”.
Bidding on classified solicitation requests from foreign governments
Canadian organizations wanting to bid on classified solicitation requests from foreign countries, international organizations or to create partnerships with foreign suppliers must inform the CSP of their intent by email: tpsgc.dgsssiprojetintl-dobissintlproject.pwgsc@tpsgc-pwgsc.gc.ca.
What to expect during the contracting process
Canadian organizations can expect a number of actions to occur during the following 3 phases of the contracting process.
Phase 1. Preparing to bid
The CSP will:
- help your organization understand foreign contract security requirements, and ensure they comply with the international bilateral security instrument in place with that country or international organization
- need to approve the anticipated release of Canadian classified information to foreign entities
- provide security screening once your organization is sponsored by the foreign NSA, the DSA or a Canadian approved source
- assist with any required exchange of classified solicitation documents, if required
Learn how to obtain security screening for your organization.
Phase 2. Prior to contract award
The foreign government or organization responsible for the contract will:
- contact the CSP to:
- initiate appropriate security screening for your organization and employees
- request, if required, foreign security assurance to confirm that your organization and employees are cleared to the appropriate level:
- learn about requesting foreign security assurances
- issue foreign security clauses for the contract or subcontract
Phase 3. After contract award
Canadian organizations that have been awarded a foreign classified contract must send the security clauses to the CSP by email: tpsgc.ssilvers-isssrcl.pwgsc@tpsgc-pwgsc.gc.ca.
The CSP will:
- ensure the security requirements are in line with the international bilateral security instruments
- assess your organization's security plans
- process approvals for:
- visits to secure sites and document transfers
- program or project security instructions
- secure electronic communications plans
- the release of Canadian classified information to foreign entities
- ensure compliance
Subcontracting to foreign organizations
Before subcontracting to a foreign organization, Canadian organizations must get written approval from the CSP by emailing a request: tpsgc.dgsssiprojetintl-dobissintlproject.pwgsc@tpsgc-pwgsc.gc.ca.
During the approval process, the CSP will:
- obtain foreign security assurances to verify the security status of the foreign organization and its personnel
- ensure compliance with the provisions of the bilateral security instrument between Canada and that country
- provide security clauses for the subcontract
- authorize the release of Canadian classified information to the foreign entity
- authorize the transfer of sensitive information to and from foreign organizations
- process approvals for visits to secure sites
Requesting foreign security assurances
A foreign security assurance is the confirmation that a foreign organization and/or its personnel meet the security requirements of a solicitation request, contract, subcontract or international program. If the organization and its personnel do not meet the requirements, they will be screened at the appropriate and required level by the NSA or the DSA in their home country.
Canadian organizations need to request foreign security assurances from the CSP by sending an email: tpsgc.dgsssiprojetintl-dobissintlproject.pwgsc@tpsgc-pwgsc.gc.ca.
Security assurances for Canadian organizations
The CSP provides security assurances to foreign governments for Canadian organizations bidding on classified foreign contracts.
Security assurances for foreign organizations
Canadian organizations wanting to subcontract to a foreign organization must contact the CSP to confirm the possibility to subcontract and to request a foreign security assurance, as appropriate.
During the request process, your organization will need to provide a:
- point of contact for the foreign organization along with the:
- email address
- telephone number
- physical address
- country of origin
- government or international organization contract number
- security levels and requirements of the contract (for example, state whether your subcontractor will need access to classified information and assets or access only to a specific secure work site)
If available, you can also provide the organization's business registration number, equivalent to your Canadian Procurement Business Number:
- for subcontractors based in the United States (US), this number is called the Commercial and Government Entity (CAGE) code
- for subcontractors based in a North Atlantic Treaty Organization (NATO) country, this number is called the NATO Commercial and Government Entity (NCAGE) code
Security assurances for foreign personnel
The CSP conducts foreign security assurances for employees who hold personnel security clearances in countries that share bilateral security instruments with Canada.
To request a security assurance for foreign personnel, you must provide the CSP with the following information:
- name, place of residence, place of birth, date of birth and citizenship of the employee
- name and address of their employer
- government-issued identification, such as a social security number in the US or national identity card number in other countries
- government or international organization contract number
Exchanging protected or classified information
Canadian organizations must contact the CSP if it needs to exchange or transfer sensitive information or assets during a program, project or contract with a foreign organization, foreign government or an international organization.
The CSP will determine if the foreign organization, foreign government or international organization can receive and safeguard the information or asset.
Bidding on North Atlantic Treaty Organization procurement initiatives
The NATO is an alliance of 32 member countries from North America and Europe. This membership gives Canadian organizations the opportunity to bid on NATO procurement initiatives.
Learn about the NATO member countries
Learn how the NATO procurement process works by consulting the How to bid on NATO contracts and win.
NATO procurement initiatives are advertised here:
- CanadaBuys: Government of Canada procurement opportunities
- MERX—Canadian public tenders
- North Atlantic Treaty Organization business portal
- North Atlantic Treaty Organization Communications and Information Agency bulletin board
- North Atlantic Treaty Organization Allied Command Operations
North Atlantic Treaty Organization clearances for organizations
Organizations bidding on NATO opportunities must meet the NATO security requirements listed in the procurement documents.
A NATO facility security clearance (FSC) gives access, at the appropriate security level, to information and assets to the level of:
- NATO Confidential
- NATO Secret
- Control of Secret Material in an International Command (COSMIC) Top SecretFootnote 1
For contracts requiring access to NATO restricted information and assets, contact the CSP by sending an email: tpsgc.dgsssiprojetintl-dobissintlproject.pwgsc@tpsgc-pwgsc.gc.ca.
How organizations get a North Atlantic Treaty Organization facility security clearance
- If your organization requires a NATO FSC at the level of the NATO security requirements, contact the CSP to validate your clearance for the NATO solicitation request
- If your organization does not have a NATO FSC clearance, learn how to obtain security screening for your organization
North Atlantic Treaty Organization personnel security clearance
Once your organization is granted a NATO FSC, you need to request NATO personnel security clearances for employees to gain access to NATO classified information and assets.
Who is eligible
Once your organization is granted a NATO FSC, you can request NATO personnel security clearances for employees who are:
- citizens of Canada or permanent residents
- citizens of other NATO countries (the CSP will coordinate with the DSA of that country)
- citizens of non-NATO countries at NATO Confidential or Secret clearance level, on a case-by-case basis
How personnel get a North Atlantic Treaty Organization clearance
Organizations that have obtained the required NATO FSC can request NATO personnel security clearance for their employees. Once the Canadian personnel security clearance has been granted, the CSP will send you a NATO security briefing form to be completed and signed by the company security officer and the employee. Once approved, the employee is considered NATO security cleared, with access to NATO information and assets respecting the need-to-know principle.
Learn more about NATO security requirements in Section 10.2 North Atlantic Treaty Organization of the Contract Security Manual (CSM).
Getting approval for visits to secure sites
If you are hosting a visit to a secure site in Canada, or visiting a secure site abroad, you must get approval from the CSP.
Learn how to get approval for visits to secure sites.
International bilateral security instruments
The Government of Canada works with foreign governments to safeguard the exchange of protected and classified information, and to help Canadian organizations compete internationally.
To help Canadian organizations access international contracts involving classified information, Canada has negotiated bilateral security instruments with various countries and international organizations.
The countries and international organizations are:
- Albania
- Australia
- Belgium
- Brazil
- Bulgaria
- Chile
- Denmark
- European Space Agency (ESA)
- European Union (EU)
- Finland
- France
- Germany
- Israel
- Italy
- Latvia
- NATO
- Netherlands
- New Zealand
- Norway
- Singapore
- South Africa
- Spain
- Sweden
- Switzerland
- United Kingdom
- United States
The Multinational Industrial Security Working Group
Canada is part of the Multinational Industrial Security Working Group (MISWG) that consists of NSAs, DSAs and their representatives who are responsible for industrial security in their country. The MISWG mission is to:
- promote, improve and harmonize common international industrial security best practices
- safeguard classified and certain other forms of government-controlled information in order to confront current and emerging security threats and challenges within its scope
Adoption of common templates and exchange procedures facilitate the implementation and operation of international programs and projects among the MISWG membership.
This international working group consists of:
- all NATO countries (except Iceland)
- Australia
- Austria
- Israel
- Japan
- New Zealand
- Singapore
- Switzerland
- European Commission (observer)
- European Defence Agency (observer)
- ESA (observer)
- NATO Office of Security (observer)
- Organisation for Joint Armament Co-operation (OCCAR) (observer)
International alternative solutions
In exceptional cases where there is no international bilateral security instrument covering Canadian protected information (Protected A or Protected B only) customized international alternative solutions may be used to govern the safeguarding of Canadian protected information handled abroad for Government of Canada contracts.
With international alternative solutions:
- the Government of Canada can award contracts and subcontracts at Protected A or Protected B levels to suppliers located in a limited set of countries with appropriate security and privacy legislation and framework
- Canadian organizations can consider certain foreign suppliers in their bids and subcontracts
The suitability of an alternative solutions approach is always considered on a case-by-case basis and is at the exclusive discretion of the CSP. These alternative solutions depend on:
- the existence of a bilateral security instrument for the exchange of classified information
- the location of the foreign suppliers and their facilities (for example, within a member country of NATO or of the EU)
- the nature of information to be shared
- the adequacy of the other country's privacy legislation
Note
International alternative solutions do not apply to classified or Protected C information or assets.
Security clauses for international alternative solutions
An alternative solution mainly uses security clauses to specify the security requirements. These clauses ensure that foreign contractors or subcontractors safeguard Canadian protected information according to similar standards as Canadian suppliers on various aspects, such as:
- personnel security screening
- physical security
- information technology security
- protection of personal information
Security clauses also cover compliance visits, security breaches and the measures to be taken in case of loss or compromise of Protected A or Protected B assets and information exchanged under a contract or subcontract.
Security clauses for international alternative solutions are:
- contract-specific
- valid for the life of the contract or subcontract
- not transferable between contracts or subcontracts
More information
- Request a pre-recorded version of the webinar contracting outside of Canada
- Guidelines for international contract security in Chapter 9: International security of the CSM
- Contact the Contract Security Program for any inquiries concerning security screening for government contracts
- Date modified: