Pilotcore CPCSC readiness guidance
Built by Nelson Ford, CMMC CCP and CISSP
Built by Pilotcore's founder and principal consultant
The free CPCSC Level 1 readiness guide for DND suppliers
A plain-English walkthrough of all 13 Level 1 controls, where specified information actually hides, and what self-attestation commits you to. It ends with a 7-question check on whether you are ready to attest. Read it before a contract, supplier questionnaire, or renewal puts CPCSC on your desk.
2026 edition
Get the free CPCSC Level 1 guide
A plain-English walkthrough of the 13 Level 1 controls, scoping, and a 7-question readiness check. Sent to your inbox.
Check your inbox
We've received your request. We'll email the guide link to the address you entered.
Request email:
Most requests are handled within 1 business day. Check your spam folder or contact us at info@pilotcore.io if you need help.
Built for suppliers that want a planning aid before CPCSC language appears in a DND or PSPC opportunity.
See what's inside the guide below.
What you'll get
Inside the guide.
A practical walkthrough of CPCSC Level 1, from the 13 controls to what self-attestation commits you to, ending with a readiness check.
-
All 13 controls, in plain English.
Every CPCSC Level 1 control across the six security domains, written so your team can tell what each one actually asks for.
-
Where specified information hides.
The electronic and physical places it ends up, from backups and mobile sync to printers, archives, and home offices, so your scope does not miss the system that breaks an attestation.
-
A 7-question readiness check.
A short self-check on whether you can answer "yes, and here is the evidence" for each control before you sign, plus the mistakes that most often sink an attestation.
Use the guide alongside current Government of Canada Level 1 requirements, scoping guidance, Level 1 criteria, CanadaBuys self-attestation instructions, and your contract language.
Want the requirements before you request the guide? The ungated CPCSC Level 1 reference page covers who needs it, the 13 controls, evidence, timing, and official sources.
Related reading
- CPCSC Level 1 readiness walk-through: scope, Specified Information flows, and per-control notes.
- CPCSC order of operations: the six steps from clause to attestation.
- What CPCSC costs small Canadian suppliers: cost buckets and planning ranges.
Readiness consulting
Want help applying the guide to your environment?
If CPCSC is tied to an active opportunity, renewal, or supplier questionnaire, Pilotcore can help translate the guide into a practical readiness plan for your systems, team, and timeline.
Frequently asked
CPCSC Level 1 questions.
What is CPCSC Level 1?
CPCSC Level 1 is the entry-level readiness tier for organisations in scope of designated Canadian defence procurement requirements. It focuses on baseline cybersecurity practices and self-assessment expectations based on current program guidance.
Is this guide official government guidance?
No. This is not official government guidance. It is Pilotcore readiness planning, not legal advice, certification advice, or an assessor opinion. Use it alongside current Government of Canada, PSPC, Canadian Centre for Cyber Security, and solicitation-specific guidance.
Can Pilotcore certify my company for CPCSC?
No. The guide and Pilotcore services are readiness support only. CPCSC is still rolling out; Level 1 uses self-assessment when required by contract, and future higher-level assessments stay with accredited bodies or third-party assessors. Pilotcore can help prepare the scope, controls, documentation, and evidence before that step.