Controls are your cybersecurity & data privacy program ---- A control is the power to influence or direct behaviors and the course of events.

Cybersecurity & Data Protection Assessment Standards

Cybersecurity & Data Protection Assessment Standards

Posted by SCF Council on Oct 21st 2024

We are pleased to announce the release of the Cybersecurity & Data Protection Assessment Standards (CDPAS)!

This is a cohesive, consistent set of standards to govern cybersecurity and data protection related Third Party Assessment, Attestation and Certification Services (3PAAC Services). The CDPAS provides performance standards to normalize 3PAAC Services. By following the CDPAS methodology, cybersecurity and data privacy practitioners can improve the currently disjointed approach used to perform assessments of cybersecurity and/or data privacy controls.

The CDPAS is not “one-size-fits-all.” Instead, the guidance throughout this document should be adopted and tailored to the unique size, resources and risk circumstances of each organization. It can be modified, or augmented, with specific requirements. The CDPAS empowers organizations to develop cybersecurity and data protection assessment strategies tailored to their specific mission and business needs, threats and operational environments.

Download from: https://securecontrolsframework.com/content/cdpas.pdf