Draft:Secure Controls Framework

Draft article not currently submitted for review.

This is a draft Articles for creation (AfC) submission. It is not currently pending review. While there are no deadlines, abandoned drafts may be deleted after six months. To edit the draft click on the "Edit" tab at the top of the window.

To be accepted, a draft should:

Show the subject qualifies for a Wikipedia article by using multiple sources that meet four criteria. The sources should be (1) reliable (2) secondary (3) independent of the subject (4) talk about the subject in some depth. For some topics, there are alternative criteria.
Be written from a neutral point of view
Respect copyright and do not plagiarize. Do not copy-paste.

It is strongly discouraged to write about yourself, your business or employer. If you do so, you must declare it.

Where to get help

If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews.
If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed.

How to improve a draft

Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia.
Help:Wikitext – how to use the markup
Help:Referencing for beginners – how to include references
Wikipedia:Article development – how to develop your article
Wikipedia:Writing better articles – how to improve your article
Wikipedia:Verifiability – make sure your article includes reliable third-party sources

You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article.

Improving your odds of a speedy review

To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags.

Add tags to your draft

Editor resources

Easy tools: Citation bot (help) | Advanced: Fix bare URLs

Last edited by 98.97.140.252 (talk | contribs) 5 months ago. (Update)

Submit the draft for review!

Secure Controls Framework (SCF)

Overview

The Secure Controls Framework (SCF) is a cybersecurity and compliance framework that provides organizations with a set of security and privacy controls. The SCF integrates various regulatory, statutory, and contractual requirements into a common control framework, aiming to assist organizations in managing security and compliance efforts. It is used in industries such as finance, healthcare, government, and technology.

History

The SCF was community developed to address the complexity of compliance requirements across multiple industries. It harmonizes requirements from various global standards, including the NIST Cybersecurity Framework, Cybersecurity Maturity Model Certification, ISO/IEC 27001, GDPR, and HIPAA, among others. The SCF is designed to support organizations of different sizes and sectors with a structured approach to security and compliance.

Purpose and Objectives

The Secure Controls Framework aims to:

Standardize security, privacy, and compliance requirements from multiple sources.

Reduce redundancy by mapping overlapping controls from various regulations and standards.

Support risk management by helping organizations identify and mitigate security risks.

Assist regulatory compliance by aligning controls with multiple regulatory requirements.

Provide flexibility for organizations of various sizes and industries.

Structure and Components

The SCF consists of:

Domains: Categories of related security and privacy controls.

Controls: Core cybersecurity and data privacy controls.

Control Requirements: Specific requirements derived from various frameworks and standards.

Mappings: Cross-references to international regulations and standards.

Adoption and Use Cases

Organizations may adopt the SCF to:

Conduct security assessments and audits.

Align security practices with industry frameworks.

Enhance cybersecurity practices and address compliance requirements.

Support risk management and governance initiatives.

Evaluate third-party risk management and vendor assessments.

Comparison with Other Frameworks

The SCF is designed to integrate elements from multiple security frameworks, including:

NIST Cybersecurity Framework

Availability and Licensing

The SCF is publicly available and can be accessed through its official website. It is provided as an open-source framework, allowing organizations to tailor its controls according to their needs while maintaining alignment with various security and compliance standards.

References

Secure Controls Framework Official Website: [1]