Tuesday, April 30, 2013

A G: CSE gets an A- on Contracting Sec

The chapter on Security in Contracting in the Auditor General's 2013 Spring Report gives CSE a more-or-less clean bill of health:

Communications Security Establishment Canada complies with the Policy

2.74 We found that Communications Security Establishment Canada (CSEC) is consistent with the Policy on Government Security. It uses the Security Requirements Check List to identify security requirements, has implemented a quality assurance program, and has approved its departmental security plan. CSEC’s requirement for clearances of firms went beyond the requirements in the Policy on Government Security. CSEC recently approved a policy on key activities related to security in contracting, which will help ensure that the process is carried out uniformly.

2.75 From our interviews and file review, we found that individual contractors had been granted security clearances at the appropriate levels before contracts began. We also reviewed the security in place for CSEC’s Long-Term Accommodation Project (Exhibit 2.9).


Exhibit 2.9—Security has been well considered in Communications Security Establishment Canada’s Long-Term Accommodation Project

We looked at a major project currently under construction to replace Communications Security Establishment Canada’s (CSEC’s) facilities and consolidate its workforce. For this project, Defence Construction Canada is the contracting authority. We found that security had been well considered and integrated into project planning and delivery. The projected cost of this Long-Term Accommodation Project is $880 million, with completion planned for 2014. Given the highly classified nature of CSEC’s business, the design and construction of the new facility took security considerations into account with a view to enhancing monitoring and eliminating the need for costly retrofits.

CSEC conducted the personnel screening and provided the results to the Industrial Security Program for inclusion in the Program’s database. It also signed a service-level agreement with Public Works and Government Services Canada (PWGSC) to conduct the facility security clearances. At the same time, CSEC conducted contractor clearances and requested clearances of firms from PWGSC. Until a firm was cleared, there was no access to the site and no work was permitted. Together, these procedures ensured that both firms and contractors would be appropriately cleared. CSEC cleared or provided site access clearance to more than 6,000 individuals, from truck drivers to consultants—no individual was allowed on site without first being cleared.

CSEC also took additional precautions, such as the following:

  • It ensured that firms providing construction materials and equipment were granted access only to specific sections of the work site as necessary.
  • It restricted access to drawings of the building and the building site.
  • It established verification procedures to ensure that there were no unobserved breaches of security.

While the cost of these additional procedures was considerable, in CSEC’s opinion they provided the assurance that its Chief needed—that risks had been mitigated appropriately.


2.76 We also reviewed 18 CSEC contracts unrelated to the Long-Term Accommodation Project. We found that for 14 contracts entered into with six firms, the firm had not been cleared when the contract was awarded. While CSEC had a security clause in these contracts for firms to be cleared, clearance was obtained only after the work had started.

2.77 Recommendation. Communications Security Establishment Canada should ensure that all contract security requirements related to firm clearances are met prior to awarding the contract.

The Agency’s response. Agreed. Communications Security Establishment Canada acknowledges the audit’s finding that CSEC met all requirements of government policy. With respect to the additional requirements that CSEC put in place over and above the policy, CSEC accepts the findings of the Auditor General, although additional risk mitigation measures were put in place. CSEC’s guidelines have been amended accordingly.

Sunday, April 21, 2013

CBNRC/CSE staff 1946 to 2013



An updated version of the graph featured in this post.

Thursday, April 11, 2013

March 2013 CSE staff size

2075.

(If you click through on the link and get a different figure, it's probably because the Canada Public Service Agency has updated its website; they update the numbers once a month.)

Tuesday, April 09, 2013

The Farm seen from the air



This photo, taken around 1950, shows CBNRC/CSE's second headquarters, the Rideau Annex (circled in red), as seen from the air looking southeast from downtown Ottawa. (Click on the photo for a larger view.)

The Victoria Memorial Museum (now the Canadian Museum of Nature) is the dark building on the far right, and the Lord Elgin Hotel is the light-coloured multi-storey building at the bottom left. Several of the "temporary" office buildings built during the Second World War can be seen just beyond the Lord Elgin.

Although it was less than four kilometres from Parliament Hill, the Rideau Annex was located in farm country when it was first occupied by CBNRC -- hence its nickname, "the Farm". Plans were already underway by 1950 for the area's development, however, and within a few years housing tracts began to fill what is now the Riverview neighbourhood.

More on the history of the Rideau Annex here.

(Photo source)