Public Works and Government Services CanadaCanada wordmark
Skip navigation links
Français Contact Us Help Search Canada Site
PWGSC Home About PWGSC Services Canadians Businesses
  Accounting, Banking and Compensation Corporate Image
What's New Site Map Home
Receiver General for Canada
2007 Public Accounts of Canada
Payment on Due Date
Bank and Exchange Rates
Direct Deposit in Canada
Foreign Direct Deposit
Banking Colloquium 2007
Chart of Accounts
FAQ

Archives

PWGSC > Receiver General for Canada > 2007 Banking Colloquium > Workshop No. 1 Government – Industry
Security Program Equivalency

2007 Banking Colloquium
Workshop No. 1 Government – Industry
Security Program Equivalency

Presentation Security Program Equivalency

  • General Presentation on the Industrial Security Program
  • Pilot Project:
    • Government of Canada provision of security program equivalency to the Government Security Policy (GSP) in the Private Sector at the Reliability Status level

Industrial Security

  • Created in 1941 – 65th anniversary this year
  • Mandates: North Atlantic Treaty Organisation (NATO) – International agreements – Defence Production Act (DPA) and GSP
  • Lead Agency under the GSP and DSA under NATO
  • Protection of Canadian and foreign Government sensitive assets/information/ in industry
  • In PWGSC because contractual clauses are used to ensure compliance (for Classified/Protected assets)

Industrial Security Sector

One stop shopping for:

  • “security clearances/approvals” to bid on/participate in classified/Protected government contracts in Canada and abroad
  • Access to “controlled goods” under the Controlled Goods Regime of the DPA

Industrial Security Program (ISP)

  • Facility Security Clearances
  • Personnel Security Clearances
  • Visit clearances
  • Related services

Industrial Security Program: Primary Services

  • Security clearances – companies/ personnel
  • Processing of Visits/Transmission of Classified assets
  • Maintain Security databases and certify automated systems
  • Contract security (e.g.: proper clauses)
  • International Security (Memorandums of understanding/Agreements/Arrangements

Primary Services (cont’d)

  • Outreach
    • Training and awareness
    • Policy Development
  • Compliance monitoring (inspections)
  • Enforcement (investigations)
  • Advice, consultation and assistance to industry

Industrial Security Services are Vital to:

  • Maintaining the trust & confidence of NATO and other allies
  • Protecting $Billions in annual trade with the United States
  • Ensuring the continued sharing of United States and other sensitive technologies with Canadian industry
  • Maintaining Canada’s International Traffic in Arms Regulations (ITAR) exemption

Statistics

  • 5,800 + Companies registered
  • 80,000+ Personnel Security Clearances/yr
  • 300,000 screened people in data base
  • 2,700+ Visits Clearances Requests / Verification of personnel security clearances of approx. 23,000 visitors

ISP Workload Drivers

  • 9/11 - war in Iraq - anti-terrorism contracting and consulting
  • 2002 Government Security Policy
  • 2004 National Security Policy
  • Increase in Government contracts containing security requirements (Canadian and foreign)
  • United States pressure on Canada to tighten up perceived security weaknesses

Pilot Project: Equivalency Policy

  • Objective:
    • Determine whether the Government of Canada can provide, based on the GSP as applied by the ISP of PWGSC, an equivalency at the Reliability Status level, to the security program of the ScotiaBank Group.

Principles

  1. Establish baseline requirements for providing a Reliability Status equivalency between the security programs of the ScotiaBank Group and that of the Government of Canada.
  2. Reflect the 2002 revised GSP as well as its applicable operational standards as stipulated in the Industrial Security Manual;
  3. Support the National Security Policy;
  4. Reflect the changes in the security environment since the incidents of 9/11;
  5. Enhance consistency between the Government of Canada and the private industry with respect to industrial security;
  6. Reflect the need to apply a standard in the exchange of protected/sensitive information outside the control of the Government of Canada;
  7. Promote training and awareness in the private sector regarding the requirements of security in the application of the GSP and the industrial security program;
  8. Examine the actions to be taken in the event of non-compliance with the equivalency policy;
  9. Create an audit requirement to review compliance with this requirement; and
  10. Provide a matrix for application to other interested Canadian Chartered Banks

Matrix for Equivalency

  • The primary means by which an equivalency policy will be developed will be through the mapping of the security program of the ScotiaBank Group and that of the Government of Canada.
  • A Table of Requirements will then be populated to provide the means to compare the requirements of the Government of Canada versus those offered by the ScotiaBank Group.

Policy Requirements

  • Security Program (or equivalent)
  • Information Technology Security
  • Security Screening
  • Physical Security
  • Business Continuity Planning
  • Investigation of Security Incidents
  • Training and Awareness

Policy Components

  • Governance Structure composed of Government and Industry Representatives
  • Risk Management and Consequences
  • Audit
  • Accountability

Conclusion

  • Final Objectives:
    • Granting by the Government of Canada of an equivalency with respect to security to the Scotia Bank Group
    • Presentation of the result of the Pilot Project before an Association such as the Canadian Bankers Association (CBA) for wider dissemination
 
Top
Maintained by  Accounting, Banking and Compensation
Last Updated: 2007-09-07
Important Notices