Directive on Security Management - Appendix I: Standard on Security Event Reporting
Provides details on Government of Canada organizations that must be contacted to report different types of security events.
Date modified: 2024-03-15
Note to reader
The Standard on Security Event Reporting took effect on March 1, 2024.Appendix I. Standard on Security Event Reporting
I.1 Effective date
- I.1.1This standard takes effect on March 1, 2024.
- I.1.2This standard replaces the Standard on Security Event Reporting dated July 1, 2019.
I.2 Standards
- I.2.1This standard provides details on the requirements set out in section 4.1.7.
- I.2.2Procedures are as follows:
- I.2.2.1National security concerns: National security concerns, including those related to terrorism or controlled goods, must be reported to all of the following:
- Canadian Security Intelligence Service (CSIS) by telephone at 613-993-9620;
- Royal Canadian Mounted Police (RCMP) National Operations Centre (NOC) by telephone at 613-993-4460; and
- Office of the Chief Security Officer, Privy Council Office (PCO)
- I.2.2.2Security incidents and other security events: Security incidents and other security events that will have, or are likely to have, a significant impact on federal departments or agencies, or that require an immediate or coordinated government-wide response, must be reported without delay to the Government Operations Centre (GOC) by telephone at 613-991-7000 or by e-mail at GOC-COG@ps-sp.gc.ca and to the Office of the Chief Security Officer, PCO by telephone at 613-960-4000 or by e-mail at CMC-CGC@pco-bcp.gc.ca.
- I.2.2.3Cyber security incidents and events: Cyber security incidents and other security events related to information technology (IT) must be reported in accordance with the Government of Canada Cyber Security Event Management Plan (GC CSEMP).
- I.2.2.4Suspicious activity: Suspicious activity or behaviour that has a possible nexus to national security or that may be an indicator of serious criminal activity must be reported to the RCMP National Critical Infrastructure Team (NCIT) by email at SIR-SIS@rcmp-grc.gc.ca
- I.2.2.5Readiness levels: Departmental decisions to activate higher levels of readiness and to return to lower levels of readiness must be reported without delay to the Office of the Chief Security Officer, PCO, by telephone at 613-960-4000 or by email at CMC-CGC@pco-bcp.gc.ca.
- I.2.2.6Breach of trust: Security events related to alleged breach of trust must be reported to the RCMP Federal Policing Intake Unit by email at Federal_Policing_Intake_Unit@rcmp-grc.gc.ca (reports or calls may be redirected to local law enforcement organizations, as appropriate).
- I.2.2.7Other criminal activity: Security events related to other potential criminal activity (for example, physical thefts of government assets) must be reported to the local police.
- I.2.2.8Controlled goods and contractors: Incidents related to controlled goods and that involve contractors must be reported to Public Services and Procurement Canada’s Controlled Goods Program by email at dmc-cgd@tpsgc-pwgsc.gc.ca.
- I.2.2.9Accountable COMSEC material: Incidents that involve accountable communications security (COMSEC) material must be reported to the chief security officer of the department where the COMSEC incident occurred.
- I.2.2.10Cabinet confidences:All security incidents and other security events of significance involving Cabinet confidences must be reported to the Office of the Chief Security Officer, PCO by telephone at 613-960-4000 or by email at CMC-CGC@pco-bcp.gc.ca.
- I.2.2.11Privacy breaches: Material privacy breaches must be reported in accordance with the Directive on Privacy Practices, Appendix B: Mandatory Procedures for Privacy Breaches.
- I.2.2.12Policy monitoring: Security incidents and other security events of significance must be reported to the Treasury Board of Canada Secretariat by email at SEC@tbs-sct.gc.ca on a cyclical basis or on request, for the purposes of government-wide policy monitoring.
- I.2.2.13Criminal record information: Issues related to criminal record information by law enforcement agencies must be directed to the RCMP Canadian Criminal Real Time Identification Services by email at CCRTIS-SCICTR@rcmp-grc.gc.ca.
- I.2.2.1National security concerns: National security concerns, including those related to terrorism or controlled goods, must be reported to all of the following:
© His Majesty the King in Right of Canada, represented by the President of the Treasury Board, 2019,
ISBN: