
- Structure and architecture of the Secure Controls Framework
- SCF control domains and control objectives
- Common Controls Framework™ (CCF) and its use in practice
- Security, Compliance & Resilience (SCR) model fundamentals
- How to implement and track SCF-based controls
- SCF's relationship to laws, regulations, and frameworks
What the SCF Practitioner Certification Covers
The SCF Practitioner syllabus provides a structured curriculum covering the foundational knowledge and skills required to effectively implement and maintain SCF-based security programs.
SCF Structure & Architecture
How the Secure Controls Framework is organized, including the 33 control domains, control objectives, and the relationship between the SCF and the Common Controls Framework™ (CCF™).
Control Implementation
Practical knowledge of how to implement SCF controls against applicable laws, regulations, and frameworks as mapped in the SCF, including how to track control implementation status.
SCR Model Fundamentals
The Security, Compliance & Resilience (SCR) model that underpins SCF implementation, including how each pillar relates to control implementation activities performed by practitioners.
Program Maintenance
How to sustain and operate an SCF-based program over time, including maintaining evidence of due diligence and due care, managing control exceptions, and supporting compliance reporting.
LRF Mapping Fundamentals
How the SCF's Law, Regulation, and Framework (LRF) mappings work in practice, enabling practitioners to understand how implementing SCF controls satisfies obligations across multiple authorities simultaneously.
Practitioner Role in CAP Ecosystem
How the SCF Practitioner role fits within the broader SCF CAP Ecosystem, including how Practitioners support SCF Architects with control implementation and interact with organizational documentation requirements.
The SCF Practitioner Role in the CAP Ecosystem
The SCF Practitioner role exists within the SCF CAP Ecosystem, the structured network of organizations and individuals that make up the SCF Conformity Assessment Program.
As certified implementers, SCF Practitioners are the individuals who translate SCF control frameworks into day-to-day operational security practices within organizations pursuing or maintaining SCF CAP certifications. They work under the direction of SCF Architects who design the program, and support the evidence collection processes that SCF Assessors will evaluate during conformity assessments.

Next Steps in the SAICO Certification Path
The SCF Practitioner is the first of three SAICO certification tracks. After completing the Practitioner, candidates can advance to the Architect (design & implementation) or Assessor (assessment & audit) certifications.
SCF Practitioner
Current: Foundation Level. Implement and maintain SCF controls aligned with SCF recommended practices and the SCF.
SCF Architect
Next Step: Design & Implementation. Architect and design SCF-based programs; address tactical, operational, and strategic security needs; guide Practitioners.
SCF Assessor
Advanced: Assessment & Audit. Lead or participate in SCF CAP assessment teams; evaluate controls against Assessment Objectives to determine conformity.
.png)
%20(white).png)