1 / 23

Cyber Protection Supply Arrangement CPSA

Slide 2. Summary. BackgroundWhat is the CPSA?Objective of CPSAThe Work StreamsChallengesCPSA refreshUpcoming Changes in ProgramsAnnexes

Leo
Download Presentation

Cyber Protection Supply Arrangement CPSA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Cyber Protection Supply Arrangement (CPSA) Stéphanie Dion Communications Security Establishment October 2, 2007

    2. Slide 2

    3. Slide 3 2002- Government Security Policy (GSP) 2002- OAG report stated “IT Security in the GOC was deplorable” 2004 - Management of IT Security Standard (MITSS) 2004 - CPSA project initiated 2005- OAG Status Report stated TBS had not done enough to address concerns 2005- PAC recommendations to strengthen GOC IT Security posture 2006 - CPSA is issued 2007 - Aboriginal Set-Aside Supply Arrangement is issued OAG = Office of the Auditor General PAC = Public Account Committee Working Group: 12-15 different departments Steering Committee: 12-15 different departments Members are: the biggest users of a previous similar vehicle (ITISPS) and the Security and Information community (RCMP,DND, FAC, CSE…) OAG = Office of the Auditor General PAC = Public Account Committee Working Group: 12-15 different departments Steering Committee: 12-15 different departments Members are: the biggest users of a previous similar vehicle (ITISPS) and the Security and Information community (RCMP,DND, FAC, CSE…)

    4. Slide 4

    5. Slide 5

    6. Slide 6

    7. Slide 7

    8. Slide 8 On-Site Technical Vulnerability Assessment (OTVA), Threat and Risk Assessment (TRA), Certification and Accreditation (C&A), Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

    9. Slide 9

    10. Slide 10

    11. Slide 11

    12. Slide 12 Challenges Timeframe for the issue of contracts Selection criteria Qualified resources Security clearances Availability of government resources Flexibility of CPSA No products available

    13. Slide 13 WS4 Challenges Requirement of raw materials PWGSC to handle these specific requirements on individual contracts under CITP guidelines Limited pool of expertise Encourage mentorship program to foster the development of new resources Issuance of contracts Assist dept in clearly defining requirements and submitting complete and concise documentation

    14. Slide 14 CPSA Refresh Timeframe: Every 2 years (Trade agreements) Benefits of a CPSA refresh Modification of the suppliers list. Modify, when requested, the standard terms and conditions of all Supply Arrangements (SA). Improve the CPSA in order to meet new policy direction. Improve processes to address short falls.

    15. Slide 15 Upcoming Changes in Programs Canadian Industrial TEMPEST Program, update on guidance documents: ITSG-03 Disposal of TEMPEST equipment ITSG-11 COMSEC Installation Planning-TEMPEST Guidance and Criteria ITSG-12 Government of Canada, Facility Evaluation Procedures Modifications of CPSA WS4 will be adjusted to reflect these new requirements

    16. Slide 16 Documentation on CSE’s web site Familiarization session presentation The Business manager guide The procurement manager guide The skill groups definition and templates SRCLS SOW templates Scorecard

    17. Slide 17

    18. Slide 18

    19. Slide 19 Conclusion

    20. Slide 20

    21. Slide 21

    22. Slide 22

    23. Slide 23

More Related