Nelson Ford, founder and principal consultant of Pilotcore

Built by Nelson Ford, CMMC CCP and CISSP

Pilotcore

The free CPCSC Level 1 readiness guide for DND suppliers

A plain-English walkthrough of all 13 Level 1 controls, where specified information actually hides, and what self-attestation commits you to. It ends with a 7-question check on whether you are ready to attest. Read it before a contract, supplier questionnaire, or renewal puts CPCSC on your desk.

All 13 Level 1 controls explained in plain English, grouped by the six security domains
Where specified information actually hides when you scope, from backups and mobile sync to printers and archives
A 7-question readiness self-check to pressure-test your attestation before you sign
Pilotcore CPCSC Level 1 readiness guide book cover

2026 edition

Get the free CPCSC Level 1 guide

A plain-English walkthrough of the 13 Level 1 controls, scoping, and a 7-question readiness check. Sent to your inbox.

By submitting, you agree to our Terms of Service and Privacy Policy.

Your information is encrypted and protected

We respect your privacy. Unsubscribe anytime.

Built for suppliers that want a planning aid before CPCSC language appears in a DND or PSPC opportunity.

See what's inside the guide below.

What you'll get

Inside the guide.

A practical walkthrough of CPCSC Level 1, from the 13 controls to what self-attestation commits you to, ending with a readiness check.

  • All 13 controls, in plain English.

    Every CPCSC Level 1 control across the six security domains, written so your team can tell what each one actually asks for.

  • Where specified information hides.

    The electronic and physical places it ends up, from backups and mobile sync to printers, archives, and home offices, so your scope does not miss the system that breaks an attestation.

  • A 7-question readiness check.

    A short self-check on whether you can answer "yes, and here is the evidence" for each control before you sign, plus the mistakes that most often sink an attestation.

Use the guide alongside current Government of Canada Level 1 requirements, scoping guidance, Level 1 criteria, CanadaBuys self-attestation instructions, and your contract language.

Want the requirements before you request the guide? The ungated CPCSC Level 1 reference page covers who needs it, the 13 controls, evidence, timing, and official sources.

Related reading

Send me the Level 1 guide

Readiness consulting

Want help applying the guide to your environment?

If CPCSC is tied to an active opportunity, renewal, or supplier questionnaire, Pilotcore can help translate the guide into a practical readiness plan for your systems, team, and timeline.

Frequently asked

CPCSC Level 1 questions.

What is CPCSC Level 1?

CPCSC Level 1 is the entry-level readiness tier for organisations in scope of designated Canadian defence procurement requirements. It focuses on baseline cybersecurity practices and self-assessment expectations based on current program guidance.

Is this guide official government guidance?

No. This is not official government guidance. It is Pilotcore readiness planning, not legal advice, certification advice, or an assessor opinion. Use it alongside current Government of Canada, PSPC, Canadian Centre for Cyber Security, and solicitation-specific guidance.

Can Pilotcore certify my company for CPCSC?

No. The guide and Pilotcore services are readiness support only. CPCSC is still rolling out; Level 1 uses self-assessment when required by contract, and future higher-level assessments stay with accredited bodies or third-party assessors. Pilotcore can help prepare the scope, controls, documentation, and evidence before that step.