Secure Controls Framework
Download The SCF
Start Here
Free Content
SCF CORE
GRC Fundamentals
SCF Certified
Marketplace
FAQAboutContact
SCF Certified

SCF Individual Training & Certifications

The SCF Assessor and Instructor Certification Organization (SAICO) is a department of the SCF dedicated to upholding the highest standards in cybersecurity and compliance. SAICO provides three certification programs that equip cybersecurity professionals with the expertise to evaluate and implement SCF controls effectively, ensuring organizations meet regulatory and security best practices.

Learn More About SCF Certifications
Certification Details
Three SCF-Based Certification Programs
Each certification has a distinct scope, audience, and set of learning objectives. All three use Computer-Based Training for self-paced completion, which enables you to learn at your own pace and make the most out of your personal education. Additionally, they follow a defined syllabus to meet the specific learning objectives and standards of the specified certifications.
SCF Practitioner
SCF Architect
SCF Assessor
Foundation Level · SAICO Certification
SCF Practitioner
The SCF Practitioner is the entry-point certification for cybersecurity professionals who work with the SCF or whose organizations use the SCF as a foundation for their security programs. It provides a thorough understanding of the SCF structure, control domains, and how to operate as a practitioner within an SCF-based program.
Ideal for: GRC analysts, security program managers, compliance officers, and IT security professionals who are implementing or managing security controls aligned to the SCF.
What Does This Certification Cover?
  • Structure and architecture of the Secure Controls Framework
  • SCF control domains and control objectives
  • Common Controls Framework™ (CCF™) and its use in practice
  • Security, Compliance & Resilience (SCR) model fundamentals
  • How to implement and track SCF-based controls
  • SCF's relationship to laws, regulations, and frameworks
Enroll Now
Design & Implementation · SCF Certification
SCF Architect
The SCF Architect certification is for cybersecurity professionals who design and implement security programs using the SCF. This track focuses on the architectural and programmatic aspects of deploying the SCF within an organization, from control selection and rationalization to SCRMS implementation.
Ideal for: CISOs, security architects, program directors, and senior security engineers responsible for designing and operationalizing SCF-based cybersecurity programs.
What Does This Certification Cover?
  • Designing SCF-based security programs aligned to business requirements
  • Control selection, rationalization, and tailoring using the SCF
  • Implementing the Security, Compliance & Resilience Management System (SCRMS)
  • Mapping organizational obligations to SCF control families
  • Minimum Security Requirements (MSR) development
  • SCF integration with GRC platforms and tooling
Enroll Now
Design & Implementation · SCF Certification
SCF Assessor
The SCF Assessor is the advanced certification for professionals who conduct conformity assessments using the SCF methodology and the SCF CAP assessment process. This is the required credential for individuals performing SCF CAP assessments as part of an authorized 3PAO.
Ideal for: Information security assessors, auditors, consultants, and compliance professionals who conduct third-party assessments and need to demonstrate proficiency in SCF CAP assessment methodology.
What Does This Certification Cover?
  • SCF CAP assessment methodology and process
  • Examine, interview, and test (EIT) assessment techniques
  • Evidence collection, evaluation, and documentation
  • Assessment Objective (AO) evaluation procedures
  • SCF CAP report writing and findings documentation
  • Roles and responsibilities within the SCF CAP Ecosystem
Enroll Now
Getting Started
Enroll in SAICO Certification Training
All three SAICO certifications are available through the SCF Training Platform and delivered via self-paced Computer-Based Training (CBT).
Training enrollment, syllabus details, and examination registration are managed through the SCF Training Platform. Each course follows a structured curriculum with defined learning objectives matched to the certification examination.
Organizations looking to deploy multiple certifications across their team should contact the SCF directly, or inquire about SCF Licensed Training Provider (LTP) partnerships for bulk enrollment and custom delivery options.
Enroll: SCF Practitioner
Enroll: SCF Architect
Enroll: SCF Assessor

Join 25,000+ GRC Professionals

Get the latest SCF updates, cybersecurity insights, and community news delivered to your inbox. You know you want to do it!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Controls are your security, compliance & resilience program - A control is the power to influence or direct behaviors and the course of events.

DOWNLOAD THE SCF

© 2026 Secure Controls Framework Council, LLC. All rights reserved.

Terms & ConditionsPrivacyCookiesSitemap