on 2020-08-1310:55 AM - edited on 2021-08-2304:48 PM by JordanBauman
The Secure Controls Framework organization is made up of volunteers, mainly specialists within the cybersecurity profession, who focus on both Governance, Risk and Compliance (GRC) and the cybersecurity side of privacy. These are auditors, engineers, architects, incident responders, consultants and other specialists who live and breathe these topics on a daily basis. The end product is "expert-derived content" that makes up the SCF.
The Secure Controls Framework (SCF) is a comprehensive catalog of controls that enables companies to design, build and maintain secure processes, systems and applications. The SCF addresses both cybersecurity and privacy, so that these principles are “baked in” at the strategic, operational and tactical levels.
The SCF is comprised of thirty-two (32) domains that cover the high-level topics that are expected to be addressed by cybersecurity and privacy-related statutory, regulatory and contractual obligations. These are the cybersecurity and privacy-related policies, standards, procedures and other processes that are designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented, detected and corrected.
The Secure Controls Framework (SCF) authoritative source content is available with the use of the RSA Archer Policy Program Management use case, the RSA Archer IT Policy Program Management use case, and/or the RSA Archer Assessment & Authorization use case. No additional license is required.
For More Information
To learn more about the Secure Controls Framework (SCF) Authoritative Source Content: