Controls are your cybersecurity & data privacy program

A control is the power to influence or direct behaviors and the course of events.

COMMON CYBERSECURITY LAWS

Laws are statutory obligations. From a cybersecurity and data privacy perspective, common cybersecurity laws include, but are not limited to:

US - Federal Laws

  • Children's Online Privacy Protection Act (COPPA);
  • Fair and Accurate Credit Transactions Act (FACTA) - including "Red Flags" rule;
  • Family Educational Rights and Privacy Act (FERPA);
  • Federal Information Security Management Act (FISMA);
  • Federal Trade Commission (FTC) Act;
  • Gramm-Leach-Bliley Act (GLBA);
  • Health Insurance Portability and Accountability Act (HIPAA); and
  • Sarbanes-Oxley Act (SOX).

US - State Laws

  • California SB 1386;
  • California Consumer Protection Act (CCPA) / California Privacy Rights Act (CPRA);
  • Massachusetts 201 CMR 17.00;
  • Oregon ORS 646A.622; and
  • Texas SB 2610.

International Laws

  • Canada - Personal Information Protection and Electronic Documents Act (PIPEDA);
  • EU - General Data Protection Regulation (GDPR) (note - it says "regulation" but it is a law in the EU);
  • UK - Data Protection Act (DPA); and
  • Other countries' variations of Personal Data Protection Acts (PDPA).

  • Excel version of STRM mapping

    STRM Bundle - Excel Versions

    This is for a digital download of the current Excel spreadsheet versions of the Set Theory Relationship Mapping (STRM) used to crosswalk the Secure Controls Framework (SCF).  There is a one (1) month period of time to access the STRM download (from...

    $20.00