National Occupational Standard for Cybersecurity

Designation Number:
CAN/CIOSC 112
Standard Type:
National Standard of Canada - Domestic
Standard Development Activity:
New Standard
ICS code(s):
03.100.30;03.180;35.240.90
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:

Scope:

Scope
Note: CIO Strategy Council announced an organizational name change to the Digital Governance Council (DGC), effective January 30, 2023 and the creation of a new standards development division, Digital Governance Standards Institute (DGSI). This proposed national standard aims to specify minimum core requirements for the qualification of cybersecurity professionals - inclusive of IT security, information security that involves digital artifacts, and digital security. While elements of physical, personnel and project/contract security are included, details that hinge on specific technologies or techniques are excluded from the scope of this Standard. This Standard applies to professionals in all sectors, including public and private companies, government entities, and not-for-profit organizations.

Project need:

Project Need
Occupational standards describe what an individual in a particular occupation must know and be able to do to be considered ‘capable’ in the occupation. These requirements are defined in terms of competencies, including knowledge, skills and abilities (KSAs), required to the related work effectively, safely and properly. Occupational standards provide the benchmark for competent performance in the workplace as agreed to by a representative sample of workers, employers and other stakeholders. Occupational standards may also include or be driven by other external requirements such as legal or policy compliance. In the case of cybersecurity, it serves another purpose. Cybersecurity is a relatively new and emerging field of work where various work roles have been conflated within the domain. Accordingly, there is a need to define primary cybersecurity work as distinct from other occupations in information technology, security, business management, or public administration. To address this, in 2020, TECHNATION published the Cybersecurity National Occupational Standard (NOS). The development of the NOS leveraged the research related to the Canadian Cybersecurity Skills Framework. It also included relevant NOC review, labour market analyses, job analyses, and subject matter expert interviews. A draft NOS was then submitted to Employment and Social Development Canada (ESCD) for initial review, which then the ESCD supported via funding the project. It was then sent to the Cybersecurity Talent Alliance (CTA) for review and approval prior to sending it for social collaborative review within the cybersecurity workforce development community and the LinkedIn Canadian Cybersecurity Network. A key goal for this project was to move the NOS to a sustainable review model, which led to TECHNATION submitting the NOS to transition to a National Standard of Canada.

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.