https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42346#M5250 <P>Just came across <A href="https://www.securecontrolsframework.com/" target="_blank">https://www.securecontrolsframework.com/</A></P><P>&nbsp;</P><P>Holy crow! That is <STRONG>enormous</STRONG>! 32 domains! 750 plus controls! Holistic! Compliance! (With absolutely everything!) A metaframework! The CIA triad expanded to the CIAS quadrants (adding Safety)!</P><P>&nbsp;</P><P>I <STRONG>do</STRONG> rather like the fact that it is volunteer run. But I suspect that it is already too unwieldy to be a decent guide, and may become even more so. On the other hand, I've always said that, whatever you learn can be used in security, so ...</P><P>&nbsp;</P><P>I suspect it would make a rather good study guide for those going for the CISSP exam. If you are familiar with all of this, you're ready.</P> Mon, 09 Oct 2023 09:45:42 GMT rslade 2023-10-09T09:45:42Z https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42346#M5250 <P>Just came across <A href="https://www.securecontrolsframework.com/" target="_blank">https://www.securecontrolsframework.com/</A></P><P>&nbsp;</P><P>Holy crow! That is <STRONG>enormous</STRONG>! 32 domains! 750 plus controls! Holistic! Compliance! (With absolutely everything!) A metaframework! The CIA triad expanded to the CIAS quadrants (adding Safety)!</P><P>&nbsp;</P><P>I <STRONG>do</STRONG> rather like the fact that it is volunteer run. But I suspect that it is already too unwieldy to be a decent guide, and may become even more so. On the other hand, I've always said that, whatever you learn can be used in security, so ...</P><P>&nbsp;</P><P>I suspect it would make a rather good study guide for those going for the CISSP exam. If you are familiar with all of this, you're ready.</P> Mon, 09 Oct 2023 09:45:42 GMT https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42346#M5250 rslade 2023-10-09T09:45:42Z https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42349#M5251 <P>Safety -&nbsp;<SPAN>Safety addresses reducing risk associated with embedded technologies that could fail or be manipulated by nefarious actors.</SPAN></P><P>&nbsp;</P><P>^By that definition, that feature already falls under a security control family in NIST SP 800-53 (series).</P> Sat, 09 Jan 2021 02:53:50 GMT https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42349#M5251 Until_then 2021-01-09T02:53:50Z https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42367#M5254 <P>Very cool!</P> Sun, 10 Jan 2021 15:38:58 GMT https://community.isc2.org/t5/Industry-News/Security-Controls-Framework-SCF/m-p/42367#M5254 AppDefects 2021-01-10T15:38:58Z