Certification Program
Entities can demonstrate their ecosystem leadership by becoming PCTF certified and can leverage the DIACC PCTF conformity assessment program designed around ISO/IEC 17065 based on third-party audits to validate the conformity of PCTF criteria and independent review of the audit findings.
By offering a third-party, impartial, and competent assessment, DIACC’s certification adds value to the Canadian community and digital economy by enhancing confidence and trust in services and solutions. If you are interested in getting certified, please contact us at voila@diacc.ca. Our team will contact you to organize a pre-engagement meeting to walk you through the next steps, timeframe, costs, and how to submit a formal application. |
|
Quick Links
|
DIACC Certification Builds Trust
DIACC’s certification provides certainty to the market, facilitating trusted digital interactions and transactions. It signals market leadership by recognizing secure, accessible, interoperable services that meet international standards and regulations, ensuring that digital identity checks are consistent, standardized, and inclusive.
For Relying Parties, Consumers & Users Provides more confidence that the service will perform as expected. Improves the user experience. Assures the implementation of PCTF specified requirements. More control over personal data. More protection from fraud. Contributes to the safety and soundness of financial transactions. For Service Operators Brand Differentiation; More Visibility and Market Leadership. More business opportunities and new revenue streams. Reduces costs, time, and effort. Mitigates risks of data breaches, identity fraud, and misuse. Shows that the operator is committed to creating trustworthy services that protect people’s data. Expand the scope of the service by allowing to share digital identities and attributes with other organizations from various countries, industries, and sectors. Provides formal recognition of compliance while enabling organizations to leverage the benefits of participating in the secure and interoperable digital identity ecosystem.
The Certification Journey
Core documents
- The process of how to get certified is specified in the DIACC-CP-02-01 Certification process of services.
- The guidance for the audits against the PCTF can be found here.
If you are interested in getting certified, please contact us at voila@diacc.ca. Our team will contact you to organize a pre-engagement meeting to walk you through the next steps, timeframe, costs, and how to submit a formal application.
The DIACC handling of complaints process related to certification activities is available here.
DIACC Auditors
The DIACC Auditors have been accredited following a rigorous selection process based on ISO/IEC 17020 requirements, ensuring they meet the required skills, experience competencies, and qualifications to conduct audits against the PCTF.
The accredited auditors include:
Recognized Readiness Advisors
An interested party can contract with a Recognized Readiness Advisor to prepare for certification. Due to a conflict of interest, an applicant cannot use the same entity to perform readiness and certification audits.
Independent Review Committee
The Independent Review Committee (IRC) comprises volunteer industry professionals with international identity, auditing, compliance, and information security expertise.
Subject to impartiality, confidentiality, and conflict of interest policies, the IRC conducts a quality review of the audit findings reported by the DIACC accredited auditor. The IRC Charter is available here.
-
Cybersecurity Consultant
Steve Waterhouse
Steve Waterhouse was appointed in 2022 as the Assistant Deputy Minister of Government Information Security and Cyber Security in the new Ministry of Cybersecurity and Digital.
Steve’s military career included training soldiers and officers in combat arms, and culminated in him becoming one of Canada’s first cyber soldiers.
Steve has years of experience in computer network management – including with the Land Force Quebec Area Headquarters, and the Montreal base’s Metropolitan Network as their first Information Systems Security Officer.
Additionally, Steve worked with the Royal Military College Saint-Jean, where he rebuilt their computer architecture.
Steve is passionate about giving back to the community, and shares his military and public speaking experience with the Canadian Cadet Youth Movement.
-
Senior Partner
Debra Finlay
Business Law Group, Vancouver
Debra Finlay is a senior partner in the Business Law Group in Vancouver.
Domestic, international, public and private sector clients benefit from Debra’s experience, enabling her to manage all aspects of their complex commercial transactions while achieving their objectives.
Her practice is primarily focused on the areas of private company mergers and acquisitions and corporate commercial law.
-
Thematic Coordinator and Senior Engineer
Bernhard Strobl
Austrian Institute of Technology, Center for Digital Safety and Security
Bernhard Strobl, MSc (Dipl.-Ing.) is the Thematic Coordinator/Senior Engineer and Research Project Manager working in AIT – Austrian Institute of Technology, Center for Digital Safety and Security since 1987. He studied computer science at the technical university Vienna and has successfully applied his skills in various national and international projects.
Within AIT and at international level, he provides overall strategic guidance of industry-oriented R&D activities within the area of identity management, biometrics, embedded video analysis and coordination across projects: methodologies, technologies, tooling, SW-, HW-Modules.
He is an expert member in the CENELEC standardisation Technical Committee 224 Working Group 18″ Biometric application profiles for law enforcement and border control authorities using portable identification systems.
-
Partner
Claude Perreault
Levio
Claude has a legal background and extensive experience managing technology companies and large-scale projects and providing strategic advice on cybersecurity, information security, digital transformation, and privacy protection.
He has also developed leading-edge expertise in identity and access management, particularly concerning digital identity use and digital signatures.
In 2020/2021, Claude held the position of Vice-President, Business Development and continues to sit on the Board of Directors of the Digital Identity Lab of Canada.
Since September 2021, Claude has assumed the leadership of the “Cybersecurity and Business Risk” business line as a partner at Levio.
-
Senior Risk Specialist
Nathan Faut
SAP
A seasoned professional, Nathan has over 35 years of experience in information technology (IT), public key infrastructure (PKI) policy, IT auditing, risk management and consulting. He started his career as an applications developer and network administrator, moved to documentation writer and trainer, and then back to workstation specialist and network administrator. He shifted to supporting PKI development by “flywheeling” the development of the Higher Education PKI Bridge Certificate Authority policy activities. He expanded that experience into becoming a Certified Information Systems Auditor for a Big Four audit and advisory firm for over 15 years. Meanwhile, he deepened his business continuity and disaster
recovery tool-sets and became a Certified Business Continuity Professional. He joined the Kantara Initiative’s Assessment Review Board as the experienced PKI and IT auditor from its inception. Currently, he works as a Senior Risk Specialist at SAP National Security Services.