Technology Supply Chain Guidelines (TSCG-01)

Technology Supply Chain Guidelines (TSCG-01) "Several meetings involving an ad-hoc group of federal government departments occurred in April-May 2008 around an emerging national security issue relating to the vulnerability of the supply chain for Government of Canada telecommunications equipment and services. In addition to the threat of cyber attack, there is a growing awareness of the risks posed by potentially vulnerable or shaped technologies that may be entering the Government of Canada (GC) communications networks and information technology infrastructure through the supply chain. One way to reduce these risks is to include specific security clauses in PWGSC contracts that are aimed at protecting the integrity, availability and confidentiality of Canadas data and communications. These clauses were developed based on a ""managed telecommunications services"" scenario, whereby a contractor is given responsibility for selecting, implementing, and operating and maintaining telecommunications infrastructure and services. It has been determined that the development of ideal or one size fits all security clauses is not feasible due to the evolving threats, and the variety and complexity of GC operational environments and resulting requirements." 2023-03-01 Communications Security Establishment Canada opengov-gouvouvert@cse-cst.gc.ca Information and CommunicationsScience and TechnologyCSE archivesupply chain security HTML ENHTML https://cyber.gc.ca/en/guidance/technology-supply-chain-guidelines-tscg-01 HTML FRHTML https://cyber.gc.ca/fr/orientation/lignes-directrices-sur-la-chaine-dapprovisionnement-des-technologies-tscg-01

"Several meetings involving an ad-hoc group of federal government departments occurred in April-May 2008 around an emerging national security issue relating to the vulnerability of the supply chain for Government of Canada telecommunications equipment and services.

In addition to the threat of cyber attack, there is a growing awareness of the risks posed by potentially vulnerable or shaped technologies that may be entering the Government of Canada (GC) communications networks and information technology infrastructure through the supply chain.

One way to reduce these risks is to include specific security clauses in PWGSC contracts that are aimed at protecting the integrity, availability and confidentiality of Canadas data and communications.

These clauses were developed based on a ""managed telecommunications services"" scenario, whereby a contractor is given responsibility for selecting, implementing, and operating and maintaining telecommunications infrastructure and services. It has been determined that the development of ideal or one size fits all security clauses is not feasible due to the evolving threats, and the variety and complexity of GC operational environments and resulting requirements."

  • Publisher - Current Organization Name: Communications Security Establishment Canada
  • Publisher - Organization Section Name: Canadian Centre for Cyber Security (CCCS)
  • Licence: Open Government Licence - Canada

Data and Resources

Similar records