Secure Controls Framework (SCF) creates secure practices for you to structure your cybersecurity and privacy policies for better implementation and management. SCF’s open-source guidance is free and meant to provide assurance that your cybersecurity and privacy goals—whether strategic, operational, or tactical—are being met within your organization.

A recent update to their offering includes an SCF Risk Catalog. This catalog has 32 pre-defined risks mapped to SCF controls to highlight what risks could be realized in the event that one of your controls fails.

How It Works

The SCF Risks catalog can be imported directly into your Risk Cloud environment in the form of a new workflow within your Risk Cloud Application. The same flexibility that Risk Cloud gives you in other areas of the platform is applicable to this workflow, so you can map to any relevant area of your risk program. 

SCF Risks are documented in a CSV file available for import into Risk Cloud. Additional support from the LogicGate Support team can be leveraged to help with custom implementation and mapping.

Why You Need It

• Get your risk program up and running quickly by using SCF’s pre-built risk catalog
• Understand the impact on your controls landscape if a risk is realized
• Analyze your controls effectiveness in accordance with NIST CSF Functions—Identify, Protect, Detect, Respond, Recover
• Effectively mitigate risk by strengthening your organization’s controls