Controls are your cybersecurity & data privacy program ---- A control is the power to influence or direct behaviors and the course of events.

Secure Controls Framework (SCF) Download

Before downloading the SCF, here are some free guides to help understand key concepts of the SCF so that you can operationalize this framework in your environment:

To download the Secure Controls Framework (SCF), we require you to provide your basic contact information. The reason for this is to help SCF users maintain situational awareness about updates, new content and other pertinent information about the SCF.

 

Alternative Download

We understand not everyone may want to provide their information to download the SCF. Because of this, we provide an alternative method of downloading the SCF through GitHub. There, in addition to being able to download the latest version of the SCF, you can also view and download previous versions to see how the SCF has grown over the years thanks to our community's support! 

 scf flat file database

Join Our Discord!

The SCF's Discord Server is an excellent place to learn more about the SCF, share your SCF experiences and network with other SCF practitioners. We look forward to seeing you there!

 SCF discord

SCF Connect

SCF Connect is an independent organization from both the SCF Council and The Cyber AB (SCF CAP Accreditation Body). The integration of the SCF logo is due to it being the official tool for the SCF Conformity Assessment Program (SCF-CAP) where SCF Connect will serve as the Single Source of Truth (SSOT) for third-party conformity assessments. SCF Connect is designed to interface with other GRC solutions via API, so your existing GRC should be able to populate evidence into a SCF Connect instance. Contact SCF Connect directly for any technical assistance questions on API integrations.

SCF Connect helps eliminate the guesswork associated with operationalizing the SCF and takes the SCF's capabilities to a whole new level:

  • Intuitive SaaS platform that eliminates the need to use Excel.
  • Straightforward and simple solution to tailor and assess controls that includes the SCF's maturity model criteria and Assessment Objectives (AOs).
  • Priced at $200/month!

 secure controls framework saas

Like What You See?

The SCF is a community-run project that is made up of volunteers, mainly specialists within the cybersecurity profession, who focus on Governance, Risk and Compliance (GRC) and the cybersecurity side of data privacy. These are auditors, engineers, architects, incident responders, consultants and other specialists who live and breathe these topics on a daily basis. The end product is "expert-derived content" that makes up the SCF.

Because this is a community-run project, we accept donations because it helps advance the efforts to continue growing the SCF. If you would like to donate and help grow the SCF, you can do so below, and we are grateful for your support!

 scf donation page

 

1 of 1 Items
  • Excel version of STRM mapping

    STRM Bundle - Excel Versions

    This is for a digital download of the current Excel spreadsheet versions of the Set Theory Relationship Mapping (STRM) used to crosswalk the Secure Controls Framework (SCF).  There is a one (1) month period of time to access the STRM download (from...

    $20.00
    Add to Cart
1 of 1 Items

© 2025 Secure Controls Framework All rights reserved. | Sitemap