Controls are your cybersecurity & data privacy program ---- A control is the power to influence or direct behaviors and the course of events.

COMMON CYBERSECURITY REGULATIONS

Regulatory obligations are required by law, but are rules issued by a regulating body (e.g., government agency). Regulatory requirements tend to change more often than statutory requirements, due to how difficult it can be to change a law. From a cybersecurity and data privacy perspective, common regulatory requirements include, but are not limited to:

US Regulatory Requirements

  • Defense Federal Acquisition Regulation Supplement (DFARS);
  • Cybersecurity Maturity Model Certification (CMMC);
  • Federal Acquisition Regulation (FAR);
  • DoD Information Assurance Risk Management Framework (DIARMF);
  • National Industrial Security Program Operating Manual (NISPOM);
  • Financial Industry Regulatory Authority (FINRA); and
  • New York Department of Financial Services (NY DFS) 23 NYCRR 500.
1 of 1 Items
  • Excel version of STRM mapping

    STRM Bundle - Excel Versions

    This is for a digital download of the current Excel spreadsheet versions of the Set Theory Relationship Mapping (STRM) used to crosswalk the Secure Controls Framework (SCF).  There is a one (1) month period of time to access the STRM download (from...

    $20.00
    Add to Cart
1 of 1 Items

© 2026 Secure Controls Framework All rights reserved. | Sitemap