CAN/DGSI 103-1:2023

This standard specifies minimum requirements and a set of controls for creating and maintaining trust in digital systems and services that, as part of an Organization’s mandate, assert and/or consume Identity and Credentials in data pertaining to Persons and Organizations. This standard may be applied to digital systems and services that are used within an identity context, and/or to those that are used and applied across identity contexts i.e., in a Credential and/or Identity federation. This standard shall not be construed to: a. Create non-compliance with any legal, regulatory, or contractual requirements, duties, standards, directives, and agreements that users of this standard may otherwise be under; nor b. Favour or mandate any specific technology method, process, or application.