SCF-Based Policies, Standards & Procedures
A common issue for organizations is finding quality documentation that can operationalize the SCF's control set.
SCF Documentation Listings
The following organizations have asked to be listed as a SCF Documentation provider. It is your organization's obligation to perform due diligence activities to ensure any organization you choose to work with has the appropriate competence to adequately support your specific needs:
ComplianceForge Website: https://complianceforge.com Email: support@complianceforge.com |
Service Description: Comprehensive, editable & cost-effective SCF-based policies, standards & procedures. ComplianceForge is a long-term partner of the SCF and collaborated to create the Integrated Controls Management (ICM) model as a way for organizations to build hierarchical and scalable cybersecurity / privacy programs, based on the SCF. ComplianceForge offers innovative, economical documentation solutions for businesses of any size or industry. ComplianceForge specializes in cybersecurity / privacy documentation and is licensed by the SCF to offer policies, standards and procedures that are mapped 1-1 to the SCF. The Digital Security Program (DSP) is an enterprise-class solution for cybersecurity / privacy policies and standards that leverages the SCF domains for its structure. Each SCF domain has a policy associated with it and nested within these policies are the control objectives, standards, guidelines and metrics that enable you to quickly and efficiently operationalize the SCF’s controls. The Cybersecurity Standardized Operating Procedures (CSOP) compliments the DSP and provides 1-1 mapped procedures to the DSP’s standards. The cost and time savings are enormous by having professionally-written documentation available the same business day to operationalize the SCF. The combination of the DSP & CSOP make ComplianceForge’s offering for policies, standards and procedures the most robust solution on the market! This content not only comes in Microsoft Word format, but also comes in Microsoft Excel, so that the DSP & CSOP can be imported into a GRC instance (e.g., SCFConnect or any GRC that can import a CSV file). |