In addition to cybersecurity and privacy controls, the Secure Controls Framework (SCF) contains a separate risk and threat catalog, which have mappings to applicable SCF controls. These risk and threat catalogs are also leveraged within the Security & Privacy Risk Management Model (SP-RMM) that …

The SCF's Evidence Request List (ERL) is designed to standardize and streamline the evidence request process for an assessment. This is going to be utilized as part of the SCF's Conformity Assessment Program (CAP) to identify reasonably-expected artifacts/evidence to meet applicable SCF controls (it …

Environmental, Social & Governance (ESG) criteria are topics of interest for "social responsibility" concerns at the corporate level. ESG is traditionally used to screen potential investments as a way to support and maintain ethical conduct across organizations. However, with the evolving landscape …