Get Certified.

A new trustmark for leading companies that meet recognized standards in digital governance and cybersecurity

Join the testing phase and become one of the first companies to receive the new mark

You take digital governance seriously. So tell the world.

Give clients and partners confidence that their data is safe

Get more ROI from your compliance work

Application fee waived for test companies

Help create a trusted digital ecosystem in Canada

Stand out with the trustmark for digitally responsible companies

More than 4 in 10 consumers say lack of trust prevents them using digital services. 

The Digital Trust Program has been created to provide organizations that meet recognized standards around digital technologies a way to set themselves apart. 

Receiving the trustmark tells clients and partners that your organization is serious about protecting their data.  

Data governance

What's involved

Step 1

Application

Complete a short online form

Step 1

Step 2

Document submission

Securely upload proof of certification or compliance (e.g. certificates, reports) to server with end-to-end encryption

Step 2

Step 3

Review

The CIOSC reviews the application and may reach out with questions or if clarification is needed
Step 3

Step 4

Audit

CIOSC conducts audit.

Step 4

Step 5

Approval

Once the CIOSC audit is complete, a certificate and trustmark logo will be issued for organization’s in compliance with the standard.
Step 5

Step 6

Renewal

The certificate will be valid for one year, after which it may be renewed
Step 6

During the test phase, we will seek feedback at every step of the way and may adjust the process based on what we hear from participants. 

One program. Three domains.

The Digital Trust Program indicates that you are a leader in meeting recognized standards in areas that are top of mind for clients and partners 

Cybersecurity

CAN/CIOSC 100-1:2022, Data Governance – Part 1: Data Centric Security

CAN/CIOSC 100-2:2021, Data Governance – Part 2: Third Party Access to Data

Digital Identity

CAN/CIOSC 103-1:2020, Digital Trust and Identity – Part 1: Fundamentals

Privacy & Data

CAN/CIOSC 100-7:2022, Data Governance – Part 7: Operating Model for Responsible Data Stewardship

Ready to help create a new trustmark for Canada?

The application will take around 10 minutes

FAQs

The mark signals conformance with national standards, giving confidence in the digital supply chain to a broad ecosystem of clients, partners, and suppliers.

Participation in the program’s testing phase is free. The CIOSC’s Advisory Committee on Trusted Digital Ecosystems will provide advice on fees to charge once the program is officially launched. 

Yes, after one year it will need to be renewed. 

The program covers all organizations in the digital space, but the specific requirements vary based on an organization’s size and risk level. Broadly speaking, larger organizations and those that handle sensitive data will have to meet higher thresholds to demonstrate the appropriate level of trust than smaller entities handling general data.

Consult our Recognized Standards page for the most up-to-date list.

In the future, we may extend its use to areas such as ethical AI and environmentally sustainable IT. But for the test phase it will be limited to these three domains. 

The Digital Trust Program pilot will use CryptoMill CODA Arenas (Circles Orchestrated Discussion Arenas) to house and share content in a simple, straight-forward, efficient, and highly secure process. Upon being uploaded, any data shared within the CODA Arena is immediately protected as it is received. CODA protects data using a dedicated Circle of Trust, each uniquely specific to the Arena.  That means that all messages and uploaded files are fully encrypted using the industry standard, government-grade cipher, AES (Advanced Encryption Standard). Once protected, only Arena members will be able to access the protected data – even if it is downloaded to a participant’s device.   CODA enforces the access restrictions and the Arena will only allow access to the accredited Arena/Circle users. As the data is securely stored, users will be able to consume it for as long as the Arena will be active. Once the project or task is done, and the review of the data is complete, the Arena can be deleted and with it, the associated Circle.  This action destroys the Circle keys and, in doing so, immediately “secure erases” all of the data contained in the Arena.  Furthermore, this now-erased data will also be deleted from the Arena data store, leaving behind absolutely no trace of its existence..

Scroll to Top

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy