cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

Security Controls Framework (SCF)

Just came across https://www.securecontrolsframework.com/

 

Holy crow! That is enormous! 32 domains! 750 plus controls! Holistic! Compliance! (With absolutely everything!) A metaframework! The CIA triad expanded to the CIAS quadrants (adding Safety)!

 

I do rather like the fact that it is volunteer run. But I suspect that it is already too unwieldy to be a decent guide, and may become even more so. On the other hand, I've always said that, whatever you learn can be used in security, so ...

 

I suspect it would make a rather good study guide for those going for the CISSP exam. If you are familiar with all of this, you're ready.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
2 Replies
Until_then
Contributor I

Safety - Safety addresses reducing risk associated with embedded technologies that could fail or be manipulated by nefarious actors.

 

^By that definition, that feature already falls under a security control family in NIST SP 800-53 (series).

AppDefects
Community Champion

Very cool!