CAN/CIOSC 103-1:2020

This standard specifies minimum requirements and a set of controls for creating and maintaining trust in digital systems and services that, as part of an Organization’s mandate, assert and or consume Identity and Credentials in data pertaining to people and Organizations. This standard may be applied to either digital systems and services that are used within an identity context, or to those that are used and applied across identity contexts i.e. in a Credential and/or Identity federation. This standard shall not be construed so as to: a. Create non-compliance with any legal, regulatory or contractual requirements, duties, standards, directives and agreements that users of this standard may otherwise be under, and b. Favour or mandate any specific technology method, process or application.