At the strategic, operational and tactical layers of an organisation, regardless of its size or industry.
Understanding the requirements for both cybersecurity and privacy principles involves a simple process of distilling expectations. This process is all part of documenting reasonable expectations that are “right-sized” for an organisation, since every organisation has unique requirements.
It is best to visualise the SCF™ as a buffet of cybersecurity and privacy controls, where there is a selection of 740+ controls available to you. Once you know what is applicable to you, you can generate a customised control set that gives you the controls you need to address your statutory, regulatory and contractual obligations.
Building a security program that routinely incorporates security and privacy practices into daily operations requires a mastery of the basics.
Think of the SCF™ as a toolkit for us to help you build out your overall security program domain-by-domain so that cybersecurity and privacy principles are designed, implemented and managed by default!
The SCF™ has understandably been built primarily to incorporate North American & European Security & Privacy Standards. However, it has provided the framework and principles by which FirmGuard was already operating and delivering projects. We've taken this and extended its reach for the ANZ and JAPAC region and will continue to work with the SCF™ to incorporate all locally relevant standards.
We have incorporated the following local & regional standards:
The information on this page has been reproduced, adapted and localised to JAPAC and ANZ by FirmGuard with the kind permission of the team at the Secure Controls Framework™ (SCF). For further information on the SCF™ please refer to their website