To be eligible for certification your organization must implement the security controls in the National Standard CAN/CIOSC 104:2021 Baseline cyber security controls for small and medium organizations.
The National Standard was developed by the Digital Governance Council, an accredited standard development organization. It draws on the Baseline Cyber Security Controls for Small and Medium Organizations as well as international standards such as ISO’s Information Security Management (ISO/IEC 27001).