INDUSTRIAL SECURITY ADVISORY BOARD (ISAB)

Industrial Security Sector Presentation
to Industrial Security Advisory Board

• Maintain the trust and confidence of NATO and other allies
  
  
• Ensure the continued sharing of foreign sensitive technologies with Canadian industry
  
  
• Maintain a strong and viable Canadian defence, aerospace and research sector
  
  
• Prevent rogue states, terrorists and spies from accessing sensitive information in industry
  
  
• Streamline government contracting
  
  
  

ISP Workload Drivers

• 9/11 - war in Iraq - anti-terrorism contracting and consulting
  
  
• 2002 Government Security Policy
  
  
• 2004 National Security Policy
  
  
• Increase in Government contracts containing security requirements (Canadian and foreign)
  
  
• Pressure to maintain security and vigilance
  
  
• Increase in company acquisitions, mergers, buy-outs
  
  
• Cross-border automated exchanges of sensitive information
  
  
• Expansion within NATO
  
  
  

Main Stakeholders and Clients

• Canadian industry, consultants, small business
  
  
• Industry Associations
  
  
• DSOs in all departments and agencies
  
  
• DND; FA; ITC; IC; RC; CBSA; PSEPC; RCMP; CSIS; CSE; TBS; PCO
  
  
• Procurement community (PWGSC and OGDs)
  
  
• NATO agencies/offices
  
  
• U.S. (DOD-DHS (e.g. Customs, FBI); State; Commerce; NSA)
  
  
• Foreign Governments National Security Authority/Designated Security Authority
  
  
• Other levels of government
  
  
  

Canadian and International Industrial Security Directorate (CIISD) - Services

• Negotiating International industrial security MOUs, agreements and arrangements
  
  
• Personnel Security Clearances
  
  
• Facility Security Clearances
  
  
• Processing Canadian and foreign visits
  
  
• Transmission of Classified/Protected information and assets
  
  
• Certifying automated systems
  
  
• Contract security (e.g., proper clauses)
  
  
• Outreach - training and awareness
  
  
• Compliance monitoring (inspections)
  
  
• Advice, consultation and assistance to industry
  
  
  

Industrial Security Operations

• Sponsorships
  
  
• Facility Security Clearances (FSC)
  
  
• Designated Organization Screening (DOS)
  
  
• Security in Contracting
  
  
  

Personnel Security

• Reliability Status
  
  
• Confidential
  
  
• Secret
  
  
• Top Secret
  
  
• NATO
  
  
  

International Security

• Negotiation of Industrial Security MOUs, arrangements and agreements with foreign countries
  - All NATO countries plus Australia, Sweden, Switzerland, Israel
  
  
• Participation in International forums such as:
  - MISWG Multinational Industrial Security Working Group
  - US/Canada Security and Technology Sharing Subcommittee
  - NATO Ad Hoc Working Groups
  - NATO Security Committees
  
  
• Government-to-Government transfers of Classified/Protected information/assets
  
  
• Project/Program Security Instructions
  
  
• International Transportation Plans
  
  
• Security Communications links
  - voice, data, facsimile
  
  
• Canadian and Foreign Visit Clearances System
  
  
  

Canada/US Joint Certification Program

• Unclassified military data that is subject to the Technical Data Control Regulations
  
  
• Provides access to contract opportunities
  
  
• Facilitates attendance at restricted/controlled meetings
  
  
• Arranges direct visits
  
  
  

Statistics

• 5,000 + Companies registered
  
  
• 60,000+ Personnel Security Clearances/year
  
  
• 300,000 screened people in data base
  
  
• 2,700+ Visits Clearances Requests / verification of personnel security clearances of approximately 23,000 visitors
  
  
  

Controlled Goods Directorate

• Background
  
  
• Domestic security program
  
  
• Regulates access to controlled goods
  
  
• Mandate from Defence Production Act and Controlled Goods Regulations
  
  
• Preserves US International Traffic in Arms Regulations (ITAR) Canadian Exemption
  
  Note: Penalties of up to $2 million dollars a day and ten years in prison
  
  

What are Controlled Goods?

• Export Control List - Group 2 - goods specifically designed or modified for military use
  
  - automatic weapons and firearms
  - ammunition and components specially designed for controlled goods
  - all goods, including weapons with a calibre greater than 12.7 mm, projectors, bombs, missiles, related equipment and accessories
  
  
• Export Control List - Group 5
  
  - global navigation satellite systems, ground control stations, and nuclear weapon design and testing equipment
  
  
• Export Control List - Group 6
  
  - all items - missile technology
  
  
  

What is Controlled Technology?

• Technical data
  - blueprints, formulas, engineering designs, etc.
  
  
• Technical assistance
  - instructions, training, working knowledge, etc.
  
  
• Technology necessary for development, production or use of a controlled good
  
  Note: Technology may be controlled, even if the product is not.
  
  
  

Legal Obligations of Firms

• Register with the Controlled Goods Directorate
  
  
• Appoint a Designated Official (DO)
  
  
• Implement security plans
  
  
• Maintain records
  
  
• Train employees, visitors and temporary workers
  
  
• Report security breaches
  
  
  

CGD Statistics

• 2,500+ businesses registered
  
  
• 3,100+ sites with controlled goods
  
  
• 4,300+ visitors and temporary workers cleared
  
  
  

Program support

• Provided by Program Harmonization and Services Directorate:
  
  - managing the business transformation of ISS and researching and developing opportunities for further harmonization of services
  - Researching and developing policies and directives for both programs
  - Maintaining and enhancing security databases
  - Formulating risk management and performance measurement objectives
  - Carrying out internal financial, human resources and administrative roles
  
  
  

Challenges facing the Industrial Security Sector

• CAC Study – ISS under-resourced resulting in:
  
  - Delays in levels of service to clients
  - Barely keeping up with demands
  - Slow response, poor reputation
  
  
• Outdated mandate (Cold War - W W II)
  
  
• Ineffective ties to security and intelligence community
  
  
• Viewed primarily as a “security clearance” function (people and companies)
  
  
• Ineffective and outdated processes
  
  
  

Overview of stakeholder sessions - what we learned

• Held to get feedback into organizational design and brainstorm ideas for enhancements
  
  
• Outlined Business Case including risks and consequences of not correcting deficiencies
  
  
• Revealed that support for the program is widespread as is recognition of challenges
  
  
• Stakeholders put forward many potential service delivery enhancements
  
  
• Some of these enhancements are addressed in the last slides on our new direction
  
  
  

Accomplished to date

• Developed Business Case and obtained stakeholder support for direction (including NSA)
  
  
• Re-established credibility - ongoing
  
  
• Stabilized the organization – ongoing
  
  
• Created the Industrial Security Advisory Board (DG-VP level)
  
  

Our new direction … short-term

• Aggressively eliminate backlog in:
  
  - Registrations
  - Clearances
  - Inspections
  - Investigations
  
  
  

Our new direction … long-term

• Secure additional funding
  
  
• Government Centre of Expertise for Industrial Security
  
  
• Recognition of ISS within the security and intelligence community
  
  
• Government-wide consistency and a level playing field
  
  
• Examination and implementation of business transformation initiatives including:
  
  - Greater automation
  * Access to clearance info on-line
  * Security Requirements Checklist
  * Fingerprints
  * Automatic contract clause generators
  * Complete forms once (submit updates only)
  
  - Increased company-to-company transactions
  * vs. having to come through ISP
  
  - Single security clearance pool
  * government and contractors
  
  - Eliminate need for transfers of clearances
  
  
• Risk-based inspections
  - less inspections but more thorough (teams)
  
  
• Increased outreach
  
  
• Improved access to, and sharing of, intelligence
  
  
• Real-time secure communications
  - between ISP and CSOs/DOs
  
  
• More flexibility for Departments and Agencies (delivery)
  - ISP services
  - Private Sector inspections - training
  - Self inspections
  - DSO inspections - security clearances – training
  
  
• Improved emphasis on international partnerships
  
  
• Delegation of select services to procurement community (e.g. contract clauses)
  
  
• Attracting and retaining expertise
  
  
• Re-defining what industrial security really means in today’s global security environment
  
  
  

We'd like to hear your ideas …

• Gerry Deneault (613) 948-1777
  
  
• Albert Bissonnette (613) 948-1627
  
  
• Peter Hull (613) 948-1767
  
  
• Mary Lou Devine (613) 948-1769