Controls are your cybersecurity & data privacy program. A control is the power to influence or direct behaviors and the course of events.

COMMON CYBERSECURITY FRAMEWORKS

A cybersecurity framework provides structure to build capabilities to be secure, compliant and/or resilient. There are many frameworks available from both private and public sources, each with its own level of detail, focus and structure. Organizations tend to adopt a framework to serve as a blueprint to address their security, compliance and resilience needs. It is common for organizations to blend multiple frameworks or use a metaframework (a framework of frameworks) to address their unique requirements. From a cybersecurity and data privacy perspective, common cybersecurity frameworks include, but are not limited to:

Cybersecurity Frameworks

  • CIS Critical Security Controls (CIS CSC);
  • CSA Cloud Controls Matrix (CSA CCM);
  • AICPA Trust Services Criteria (TSC);
  • Generally Accepted Privacy Principles (GAPP);
  • NIST Cybersecurity Framework (NIST CSF);
  • NIST SP 800-53;
  • NIST SP 800-161;
  • NIST SP 800-171;
  • NIST AI 100-1;
  • NIST AI 600-1;
  • ISO 27001 / 27002; 
  • ISO 42001; and
  • Many, many more!

Cybersecurity Metaframeworks

A cybersecurity metaframework is a "framework of frameworks" - it is essentially a hybrid model to cover multiple laws, regulations and frameworks. The three (3) leading metaframeworks in the cybersecurity industry include:

  • Secure Controls Framework (SCF);
  • Unified Compliance Framework (UCF); and
  • HITRUST.

  • Excel version of STRM mapping

    STRM Bundle - Excel Versions

    This is for a digital download of the current Excel spreadsheet versions of the Set Theory Relationship Mapping (STRM) used to crosswalk the Secure Controls Framework (SCF).  There is a one (1) month period of time to access the STRM download (from...

    $20.00