DND vendor websites face a stricter bar than other federal procurement: security clearance signaling, PIDS/DOSC awareness, ITAR/CGP-relevant capability statements, and DRDC-relevant research positioning where applicable.
DND procurement officers and Materiel Group analysts check vendor sites against a different bar than civilian PSPC files: security-clearance levels of named personnel (where disclosable), Controlled Goods Program (CGP) registration where relevant, ITAR-aware capability statements for defence-export-relevant work, DSP/PIDS awareness, and Defence Industrial Base positioning.
The site shouldn't read 'we're a defence contractor' if you've never sold to DND. But where you have, the references should be DND-format: project name, period, value range, MGCC/PSPC reference number where disclosable, scope, and a named technical authority.
You can publicly state aggregate clearance posture (e.g. 'core team holds Secret-level clearance') without naming individuals or breaching personnel-security policy. Specific individual clearance levels go on resumes submitted with proposals, not on the public site.
Yes, where the contract was unclassified and the file number / project name is publicly disclosable. Always check with the original contracting authority before publishing references.
Only for files involving controlled goods. The CGP registration check is part of the bid solicitation when applicable.