Get Certified.
A new trustmark for leading organizations that meet recognized standards in digital governance and cybersecurity
Join the testing phase and become one of the first companies to receive the new mark

You take digital governance seriously. So tell the world.
Give clients and partners confidence that their data is safe
Get more ROI from your compliance work
Help create a trusted digital ecosystem in Canada
Stand out with the trustmark for digitally responsible companies
More than 4 in 10 consumers say lack of trust prevents them using digital services.
The Digital Trust Program has been created to provide organizations that meet recognized standards around digital technologies a way to set themselves apart.
Receiving the trustmark tells clients and partners that your organization is serious about protecting their data.

What's involved
Step 1
Application
Complete a short online form
Step 2
Document submission
Securely upload proof of certification or compliance (e.g. certificates, reports) to server with end-to-end encryption
Step 3
Review
The DGC reviews the application and may reach out with questions or if clarification is needed
Step 4
Audit
DGC conducts audit.
Step 5
Approval
Once the DGC audit is complete, a certificate and trustmark logo will be issued for organization’s in compliance with the standard.
Step 6
Renewal
One program. Three domains.
The Digital Trust Program indicates that you are a leader in meeting recognized standards in areas that are top of mind for clients and partners
Cybersecurity
CAN/CIOSC 100-1:2022, Data Governance – Part 1: Data Centric Security
CAN/CIOSC 100-2:2021, Data Governance – Part 2: Third Party Access to Data
Digital Identity
CAN/CIOSC 103-1:2020, Digital Trust and Identity – Part 1: Fundamentals
Privacy & Data
CAN/CIOSC 100-7:2022, Data Governance – Part 7: Operating Model for Responsible Data Stewardship
Get certified.
The application will take around 10 minutes
FAQs
The mark signals conformance with national standards, giving confidence in the digital supply chain to a broad ecosystem of clients, partners, and suppliers.
Yes, after one year it will need to be renewed.
The program covers all organizations in the digital space, but the specific requirements vary based on an organization’s size and risk level. Broadly speaking, larger organizations and those that handle sensitive data will have to meet higher thresholds to demonstrate the appropriate level of trust than smaller entities handling general data.
In the future, we may extend its use to areas such as ethical AI and environmentally sustainable IT. But for the test phase it will be limited to these three domains.
The Digital Trust Program pilot will use CryptoMill CODA Arenas (Circles Orchestrated Discussion Arenas) to house and share content in a simple, straight-forward, efficient, and highly secure process. Upon being uploaded, any data shared within the CODA Arena is immediately protected as it is received. CODA protects data using a dedicated Circle of Trust, each uniquely specific to the Arena. That means that all messages and uploaded files are fully encrypted using the industry standard, government-grade cipher, AES (Advanced Encryption Standard). Once protected, only Arena members will be able to access the protected data – even if it is downloaded to a participant’s device. CODA enforces the access restrictions and the Arena will only allow access to the accredited Arena/Circle users. As the data is securely stored, users will be able to consume it for as long as the Arena will be active. Once the project or task is done, and the review of the data is complete, the Arena can be deleted and with it, the associated Circle. This action destroys the Circle keys and, in doing so, immediately “secure erases” all of the data contained in the Arena. Furthermore, this now-erased data will also be deleted from the Arena data store, leaving behind absolutely no trace of its existence..
Send your questions to info@dgc-cgn.org