All Published Standards

Every published standard listed by subject area.

Note that all standards published before January 30, 2023 remain valid and designated CIOSC under the authority of the CIO Strategy Council. These standards when updated as new editions will be published by the Digital Governance Standards Institute. 

Agricultural Blockchain

CIOSC/TS 114, Technical Specification for Agricultural Blockchain – Traceability of Canola Through the Canadian Supply Chain

This Specification presents a set of requirements to manage the traceability of canola, from crop production through handling and processing to retail distribution for consumers. 
Read more

Automated Decision Systems (AI)

CAN/CIOSC 101, Ethical Design and Use of Automated Decision Systems

Protecting human values and incorporating ethics in the design and use of automated decision systems (AI).
Read more

Connected Cities

CAN/CIOSC 106-1, Connected Cities – Part 1: Discovery of Digital Twins for Built Environments

The CAN/CIOSC 106 series of Standards specifies minimum requirements for the discovery and
management activities for context-rich, digital representations of built environments (i.e., digital twin).

The following are within the scope of CAN/CIOSC 106-1:

  • Acquiring, collection, and organization of information and data on different subsystems and protocols used to discover and define built environments.
  • Acquiring data, documentation, and maintenance of a master set of relevant location mappings of a given built environment, including the association of physical assets to a specific location.

Read more

Cybersecurity

CAN/CIOSC 104, Baseline Cyber Security Controls for Small and Medium Organizations

Specifies a minimum set of cyber security controls for businesses with less than 500 employees.
Read online

CAN/CIOSC 105, Cybersecurity of Industrial Internet of Things (IIoT) Devices

Cybersecurity controls for IIoT devices to meet requirements for security, safety, confidentiality, integrity, and availability. 
Read more

Data Governance

CAN/CIOSC 100-1, Data Governance – Part 1: Data Centric Security

Minimum requirements for products and/or services providing data protection of digital assets.
Read more

CAN/CIOSC 100-2, Data Governance – Part 2: Third-Party Access to Data

Specifies minimum requirements and a set of privacy controls for third-party access to data.
Read more

CAN/CIOSC 100-4, Data Governance – Part 4: Scalable Remote Access Infrastructure

Helps organizations mitigate security risks associated with enterprise technologies used for remote access. 
Read more

CAN/CIOSC 100-6, Data Governance – Part 6: The Responsible Use of Digital Contact Tracing, Monitoring Data in the Workplace

Acceptable and responsible collection and use of contact tracing and monitoring data in the workplace. 
Read more

CAN/CIOSC 100-7, Data Governance – Part 7: Operating model for responsible data stewardship

Stewardship, accountability and management of data whenever a legal entity collects, uses or shares it. 
Read more

Digital Assets and Nonfungible Tokens

Standard title

Coming soon
Read more

Digital Credentials

Standard title

Coming soon
Read more

Digital Skills

Standard title

Coming soon
Read more

Digital Trust & Identity

CAN/CIOSC 103-1, Digital Trust & Identity – Part 1: Fundamentals

Maintaining trust in digital services that assert or consume data on identities of people and organizations. 
Read more

CAN/CIOSC 103-2, Data Trust & Identity – Part 2: Delivery of Healthcare Services

Federating the exchange of health information between systems.
Read more

Electoral Voting Technolgies

Standard title

Coming soon
Read more

Health Data & Information

Standard title

Coming soon
Read more

Modern Procurement

Standard title

Coming soon
Read more

Online Electoral Voting

Standard title

Coming soon
Read more

Open Finance

CAN/CIOSC 110-1, Open Finance – Part 1: Customer Experience

This Standard specifies minimum requirements for planning, designing, developing, implementing, maintaining, and improving the customer experience surrounding access to customer banking, transaction, and other financial data from bank and non-bank financial institutions.

This Standard is applicable to financial product- and service-related organizations. It is intended for use by any organization regardless of its type or size, or the financial products and/or services it provides, including third-party providers that design products or services to facilitate access to customer banking, transaction, and other financial data from bank and non-bank financial institutions.

This Standard includes provisions on design and experience principles, authentication, authorization, consent, and data portability. 
Read more

Privacy & Access Control

CAN/CIOSC 109-1, Privacy – Part 1: Qualification and Proficiency of Access-to-Information, Privacy, and Data Protection Professionals

This Standard specifies minimum requirements for qualification and proficiency of privacy and access control professionals.

This Standard defines a framework for individuals seeking to demonstrate their competencies and qualifications as access-to-information, privacy, and data protection professionals, as well as organizations seeking to offer training and certification programs.

This Standard applies to professionals in all sectors, including public and private companies, government entities, not-for-profit and charitable organizations.
Read more

Scroll to Top

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy