Solymus Blog

CPCSC compliance guides, ITSP.10.171 control breakdowns, and practical advice for Canadian defence suppliers.

CPCSC Compliance

CPCSC Level 1 Is Mandatory April 2026 — What Defence Suppliers Need to Know

Starting next month, every new DND contract requires CPCSC Level 1 self-assessment at award. Here is what the 13 controls require, how the timeline unfolds, and what to do now.

March 29, 2026 · 8 min read

Coming Soon

ITSP.10.171

ITSP.10.171 Explained: Canada's 97-Control Cyber Security StandardComing Soon

A practical breakdown of the 17 control families and how they map to security practices you may already have in place.

Comparison

CPCSC vs. CMMC: A Side-by-Side Guide for Cross-Border SuppliersComing Soon

How Canada's CPCSC and the US CMMC compare — controls, timelines, assessor requirements, and what dual-compliance looks like.

Cross-Border

CMMC 2.0 for Canadian Suppliers: What You Need to KnowComing Soon

How Canada's CPCSC and the US CMMC 2.0 relate, and what cross-border defence suppliers need for dual compliance.

Evidence

Tamper-Evident Evidence: Why Cryptographic Proof Matters for CPCSCComing Soon

How SHA-256 hashing, KMS signing, and Merkle chains create evidence that assessors and auditors can independently verify.