The Cyber Protection Supply Arrangement (CPSA) is a procurement vehicle of pre-qualified Information Technology (IT) Security suppliers established by the Communications Security Establishment (CSE) to extend the reach of their technical capability by leveraging more private sector capabilities and resources. As a National IT Security authority, the CSE is seeking the assistance of industry to support Federal government departments and agencies in meeting the mandates of the Government of Canada Security Policy (GSP) and creating an IT Security framework consistent with the National Security Policy (NSP) and the Operational Standard on the Management of Information Technology Security (MITS). ipss is qualified IT Security supplier in the following: Work Stream 2 - Comprehensive IT Security Risk Management Consulting Services Under this work stream, ipss provides its federal government clients with consulting services in the following frequently used and stable disciplines: · On-site Technical Vulnerability Assessments (OTVAs), · Threat Risk Assessments (TRAs), · Privacy Impact Assessments (PIAs), · Certification and Accreditation services (C&A), · Business Continuity Planning (BCP), and · Disaster Recovery Planning (DRP). ipss also provides strong IT Security Team Leaders within these disciplines. All services are provided in accordance to GoC standards and meet the GSP and MITS requirements for departments and agencies to implement a continuous review cycle for these activities. Work Stream 3 – Skilled IT Security Services The former "ITISPS tiers of service" have been merged into one single stream of technical IT Security skills with categories/groups. Work stream 3 emphasises individual qualifications, supported by the ipss company profile. Departments and agencies can call upon ipss’ skilled pool of private sector expertise to complement their team or alleviate staff shortages and conduct periodic IT Security activities incorporating risk management and assessment methodologies. General categories of tasks include drafting of policy and supporting documentation, direct engineering support tasks, security audit activities, and training/awareness. ipss is able to provide its federal government clients with the following expertise at Senior, Intermediate and Junior levels: (1) IT Security Project Manager (2) IT Security Methodology, Policy and Procedures Analyst (3) IT Security TRA and C&A Analyst (4) IT Security Product Evaluation Specialist (5) PKI Specialist (6) IT Security Engineer (7) IT Security Architect (8) Network Security Analyst (9) IT Security Systems Operator (10) IT Security Installation Specialist (11) IT Security VA Specialist (12) Incident Management Specialist (13) Business Continuity and Contingency Planning Specialist (14) Physical IT Security Specialist (15) IT Security R&D Specialist (16) Computer Forensics Specialist (17) IT Security General Support (18) PIA Specialist |