Controls are your cybersecurity & data privacy program ---- A control is the power to influence or direct behaviors and the course of events.

Secure Controls Framework (SCF) Council

STRM Bundle - Excel Versions

$20.00
1 review Write a Review
SKU:
STRM-Bundle

This is for a digital download of the current Excel spreadsheet versions of the Set Theory Relationship Mapping (STRM) used to crosswalk the Secure Controls Framework (SCF). 

Included in the 2024.3 STRM mappings in Excel include the following:

  • AICPA Trust Services Criteria (TSC) (2022 points of focus)
  • CIS Critical Security Controls (CSC) v8.0
  • IEC TR 60601-4-5:2021
  • ISO/IEC 27001:2022
  • ISO/IEC 27002:2022
  • ISO/IEC 42001:2023
  • NIST SP 800-53 R5.1.1
  • NIST SP 800-66 R2
  • NIST SP 800-161 R1
  • NIST SP 800-171 R2
  • NIST SP 800-171 R3
  • NIST SP 800-171A
  • NIST SP 800-171A R3
  • NIST SP 800-207
  • NIST SP 800-218
  • NIST Cybersecurity Framework (NIST CSF 2.0)
  • Payment Card Industry Data Security Standard (PCI DSS) v4.0
  • Space Attack Research & Tactic Analysis (SPARTA) Countermeasures
  • Trusted Information Security Assessment Exchange (TISAX) Information Security Assessment (ISA) v6.0.3
  • US DOJ / FBI - Criminal Justice Information Services (CJIS) Security Policy
  • Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 1
  • DoD Zero Trust Reference Architecture v2
  • Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet
  • onnections 3.0 Security Capabilities Catalog
  • Department of Homeland Security (DHS) Zero Trust Capability Framework (ZTCF) (DRAFT)
  • Federal Acquisition Regulation (FAR) 52.204.21
  • Gramm Leach Bliley Act (GLBA) - CFR 314
  • SEC Cybersecurity Final Rule
  • NY Cybersecurity Requirements for Financial Services Companies (NY DFS 23 NYCRR500)
  • Tennessee Information Protection Act
  • Canada B-13
  • EU Digital Operational Resilience Act (DORA)
  • ENISA NIS2 (Directive (EU) 2022/2555)
  • Spain Royal Decree 311/2022
  • Australia Essential Eight
  • Australian Government Information Security Manual (ISM) June 2024
  • China Cybersecurity Law of the People's Republic of China (China Cybersecurity Law)
  • New Zealand Health Information Security Framework 2022

 

1 Review

  • 5
    Excellent value and huge time saver!

    Posted by Udo Schneider on Oct 10th 2024

    We use SCF to map product features to multiple compliance frameworks using control cross-walking. Adding the STRM information, especially the actual requirement text, allows us to tailor our answers specifically to the framework. And for the price, it's a real bargain! Even if you only need to copy and paste requirement descriptions manually, you'll end up paying more in lost work time than buying the whole package. Plus, you'll miss out on the STRM weights, which help to prioritize controls.