All Published Standards

Every published standard listed by subject area.

Note that all standards published before January 30, 2023 remain valid and designated CIOSC under the authority of the CIO Strategy Council. These standards when updated as new editions will be published by the Digital Governance Standards Institute. 

Fire and Knowledge Fire and Knowledge
A New York Times Book Review Editors' Choice The U.S. publication of A Book of Memories in 1997 introduced to...
Péter Nádas
The 10X Rule The 10X Rule
Achieve "Massive Action" results and accomplish your business dreams! While most people operate with only three degrees of action-no action,...
Grant Cardone
The Sheriff’s Son The Sheriff’s Son
Seven-year-old Kevin has been a handful for single mom Sarah Lindstrom, and when the new sheriff walks through her door...
Barbara White Daille

Agricultural Blockchain

CIOSC/TS 114, Technical Specification for Agricultural Blockchain – Traceability of Canola Through the Canadian Supply Chain

This Specification presents a set of requirements to manage the traceability of canola, from crop production through handling and processing to retail distribution for consumers. 
Read more

Automated Decision Systems (AI)

CAN/CIOSC 101, Ethical Design and Use of Automated Decision Systems

Protecting human values and incorporating ethics in the design and use of automated decision systems (AI).
Read more

DGSI /WA 126, Baseline Requirements for Vendors Offering AI/ML Lifecycle Solutions to Financial Institutions

Setting baseline requirements will enable vendors to understand FIs assessment criteria when outsourcing AI lifecycle solutions. The baseline requirements in this workshop agreement will identify specific criteria arising in the context of FIs compliance, operational, and reputational risk management requirements. The workshop agreement is intended to be used by third-party vendors offering AI/ML solutions to FIs
Read more

Connected Cities

CAN/CIOSC 106-1, Connected Cities – Part 1: Discovery of Digital Twins for Built Environments

The CAN/CIOSC 106 series of Standards specifies minimum requirements for the discovery and
management activities for context-rich, digital representations of built environments (i.e., digital twin).

The following are within the scope of CAN/CIOSC 106-1:

  • Acquiring, collection, and organization of information and data on different subsystems and protocols used to discover and define built environments.
  • Acquiring data, documentation, and maintenance of a master set of relevant location mappings of a given built environment, including the association of physical assets to a specific location.

Read more

Cybersecurity

CAN/CIOSC 104, Baseline Cyber Security Controls for Small and Medium Organizations

Specifies a minimum set of cyber security controls for businesses with less than 500 employees.
Read online

CAN/CIOSC 105, Cybersecurity of Industrial Internet of Things (IIoT) Devices

Cybersecurity controls for IIoT devices to meet requirements for security, safety, confidentiality, integrity, and availability. 
Read more

Data Governance

CAN/DGSI 100-1, Data Governance – Part 1: Data Centric Security

Minimum requirements for products and/or services providing data protection of digital assets.
Read more

CAN/CIOSC 100-2, Data Governance – Part 2: Third-Party Access to Data

Specifies minimum requirements and a set of privacy controls for third-party access to data.
Read more

CAN/CIOSC 100-4, Data Governance – Part 4: Scalable Remote Access Infrastructure

Helps organizations mitigate security risks associated with enterprise technologies used for remote access. 
Read more

CAN/CIOSC 100-6, Data Governance – Part 6: The Responsible Use of Digital Contact Tracing, Monitoring Data in the Workplace

Acceptable and responsible collection and use of contact tracing and monitoring data in the workplace. 
Read more

CAN/CIOSC 100-7, Data Governance – Part 7: Operating model for responsible data stewardship

Stewardship, accountability and management of data whenever a legal entity collects, uses or shares it. 
Read more

CAN/DGSI 100-8: Data Governance – Part 8 – Framework for Geo-Residency and Soverignty

Specifies minimum requirements for organizations to protect data assets that reside in foreign entities.  
Read more

CAN/CIOSC 100-9, Data Governance - Part 9: Zero-Copy Integration

This standard specifies implementation methods for zero copy integration, sharing, and exchange of data.

Read more

CAN/DGSI 117: English-French Lexicon for Digital Governance and Technologies

Defines terms used in digital governance and technologies in both English and French to ensure they are aligned.
Read more

Digital Assets and Nonfungible Tokens

Standard title

Coming soon
Read more

Digital Credentials

DGSI/TS 115,Technical Specification for Digital Credentials and Digital Trust Services

Ensures that digital credentials and trust services are interoperable and create a seamless experience for users. 
Read more

Digital Skills

CAN/DGSI 112: National Occupational Standard for Cybersecurity

Requirements for entry-level qualifications for cybersecurity professionals, including those working in IT security.
Read more

Digital Trust & Identity

CAN/DGSI 103-1, Digital Trust & Identity – Part 1: Fundamentals

This Standard specifies requirements for maintaining trust in digital services that assert or consume data on identities of people and organizations. 
Read more

CAN/DGSI 103-2, Data Trust & Identity – Part 2: Delivery of Healthcare Services

Federating the exchange of health information between systems.
Read more

Electoral Voting Technolgies

Standard title

Coming soon
Read more

Health Data & Information

CAN/DGSI 100-5: Data Governance – Part 5: Health Data and Information Capability Framework

Guidance to health information organizations on the collection, use, storage, protection, and distribution of data. 
Read more

Modern Procurement

Standard title

Coming soon
Read more

Online Electoral Voting

Standard title

Coming soon
Read more

Open Finance

CAN/CIOSC 110-1, Open Finance – Part 1: Customer Experience

This Standard specifies minimum requirements for planning, designing, developing, implementing, maintaining, and improving the customer experience surrounding access to customer banking, transaction, and other financial data from bank and non-bank financial institutions.

This Standard is applicable to financial product- and service-related organizations. It is intended for use by any organization regardless of its type or size, or the financial products and/or services it provides, including third-party providers that design products or services to facilitate access to customer banking, transaction, and other financial data from bank and non-bank financial institutions.

This Standard includes provisions on design and experience principles, authentication, authorization, consent, and data portability. 
Read more

Privacy & Access Control

CAN/CIOSC 109-1, Privacy – Part 1: Qualification and Proficiency of Access-to-Information, Privacy, and Data Protection Professionals

This Standard specifies minimum requirements for qualification and proficiency of privacy and access control professionals.

This Standard defines a framework for individuals seeking to demonstrate their competencies and qualifications as access-to-information, privacy, and data protection professionals, as well as organizations seeking to offer training and certification programs.

This Standard applies to professionals in all sectors, including public and private companies, government entities, not-for-profit and charitable organizations.
Read more

Scroll to Top

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy