Secure Controls Framework (SCF)
May 30, 2022
Standards
Manage multiple regulatory compliance frameworks
and standards in one platform
Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process.
- EASA Part IS
- IATA Cyber Regulations
- Essential Eight
- NIST CSF 2.0 Critical
- CJIS v5.9.5
- OT Cybersecurity Framework
- Centraleyes Privacy Framework (CPF)
- AI Governance
- ISO 42001
- NIST AI RMF
- DORA EU
- ESG RiskÂ
- Business Email Compromise
- Health Industry Cybersecurity Practices (HICP)
- NIST 7621
- Secure Controls Framework (SCF)
- Cyber Resilience Review (CRR)
- ISO 27002
- OWASP SAMM
- Insider Threat Mitigation
- Ransomware Readiness Assessment
- FINRA
- OWASP MASVS
- NIST 800-82
- NIST 800-207 (Zero Trust)
- HECVAT
- NIST SP 800-53
- COSO
- NIST 800-46
- COBIT 5
- ICDM
- OWASP ASVS
- MITRE ATT&CK
- ISO 27001
- CIS Controls
- CSA
- NIST CSF
- What is the New Jersey Privacy Act?
- What is the IDPA?
- What is the Rhode Island Privacy and Security Act (RIDPA)?
- What is the MNDPA?
- Montana Consumer Data Protection Act
- Tennessee Information Protection Act
- Â Delaware Personal Data Privacy Act (DPDPA)
- Texas Data Privacy and Security Act (TDPSA)
- Oregon Consumer Privacy Act (OCPA)
- Nebraska Data Privacy Act (NDPA)
- Kentucky Consumer Data Protection Act (KCDPA)
- PIPEDA
- Utah Consumer Privacy Act (UCPA)Â
- Colorado Privacy Act (CPA)Â
- VCDPA
- Personal Information Privacy Law (PIPL) of China
- Nevada Privacy Law
- POPIA
- GDPR
- NIST Privacy Framework
- FERPA
- NY SHIELD Act
- ISO 27701
- HECVAT 4.0
- Information Security Manual (ISM)
- What is the New Jersey Privacy Act?
- What is the IDPA?
- What is the Rhode Island Privacy and Security Act (RIDPA)?
- What is the MNDPA?
- Texas Data Privacy and Security Act (TDPSA)
- Oregon Consumer Privacy Act (OCPA)
- Nebraska Data Privacy Act (NDPA)
- SWIFTÂ
- CJIS v5.9.5
- Florida Digital Bill of Rights (FDBR)
- Nevada Privacy Act
- Iowa Consumer Data Protection Act (ICDPA)
- ISO 42001
- NIS2
- HITECH Act
- What is the CPRA Act?
- IRS publication 1345
- ESG
- Cyber Essentials (UK)
- ISO 27002
- UAE IA
- ISO 22301
- CMMC
- FFIEC
- HIPAA
- NIST 800-82
- PCI DSSÂ
- SOX
- NERC CIP
- NYDFS
- SOC 2 Type II
- NIST 800-171
- NIST SP 800-53
- ISA/IEC 62443
- PSD2
- FedRAMP
- ISO 27001
- GLBA
- Recent Frameworks
FFIEC
June 14, 2021
PCI DSSÂ
June 14, 2021
GDPR
June 14, 2021
SOC 2 Type II
June 14, 2021
NY SHIELD Act
June 14, 2021
OWASP ASVS
June 14, 2021
ISO 27001
June 14, 2021
CIS Controls
June 14, 2021
ISO 27701
June 14, 2021
NIST CSF
May 18, 2021
​​Top 15 MSSPs to Watch in 2025
May 19, 2025
All Standards | Security
EASA Part IS
What is EASA? EASA stands for the European Union Aviation Safety Agency. It is a regulatory body established by the European Union to ensure a high and uniform level of…
IATA Cyber Regulations
The International Air Transport Association (IATA) Cyber Security Regulations represent a set of guidelines and standards aimed at enhancing cybersecurity resilience within the aviation industry. These regulations are critical for…
Essential Eight
What is the Essential Eight? The Essential Eight is a cybersecurity framework developed by the Australian Cyber Security Centre (ACSC) to help organizations mitigate cyber threats. It comprises eight critical…
NIST CSF 2.0 Critical
What is NIST CSF 2.0 Critical? NIST CSF CRITICAL is a custom cybersecurity framework designed to streamline and enhance the implementation of the NIST Cybersecurity Framework (CSF) by utilizing the…
CJIS v5.9.5
What is CJIS (v5.9.5)? The Criminal Justice Information Services (CJIS) Security Policy v5.9.5 is a comprehensive security framework established by the Federal Bureau of Investigation (FBI). It sets standards for…
OT Cybersecurity Framework
What is the OT Cybersecurity Framework? The OT Cybersecurity Framework or OT CSF is a foundational Operational Technology (OT) risk framework that covers all aspects of the OT environment. OT…
Centraleyes Privacy Framework (CPF)
What is the CPF? The Centraleyes Privacy Framework (CPF) is a comprehensive compliance tool designed to help organizations adhere to the diverse privacy regulations that are individual to each state…
AI Governance
What is the Centraleyes AI Governance Framework? The AI Governance assessment, created by the Analyst Team at Centraleyes, is designed to fill a critical gap for organizations that use pre-made…
NIST AI RMF
What is NIST AI RMF? As artificial intelligence gains traction and becomes increasingly more popular, it is critical to understand the risks that apply to companies who are creating AI…
Business Email Compromise
What is the Business Email Compromise? Business Email Compromise (BEC) is a type of cyber attack in which criminals target businesses or organizations by using email to trick employees into…
Health Industry Cybersecurity Practices (HICP)
What is HICP? The Health Industry Cybersecurity Practices: Handling Risks and Safeguarding Patients article was created as a result of the Cybersecurity Act of 2015, which brought together more than…
Secure Controls Framework (SCF)
What is Secure Controls Framework (SCF)? The Secure Controls Framework is a comprehensive list of controls created to empower businesses in the designing, building and maintenance stages of creating safe…
Cyber Resilience Review (CRR)
What is Cyber Resilience Review (CRR) The Cyber Resilience Review (CRR) assessment is a tool that measures a company’s cyber resilience. An organization can examine its capabilities against v1.1 of…
OWASP SAMM
What is OWASP SAMM? SAMM (Software Assurance Maturity Model) is an OWASP framework designed to assist organizations in assessing, formulating, and implementing a software security plan that may be included…
Insider Threat Mitigation
What is Insider Threat Mitigation? In September 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) published the Insider Risk Mitigation Self-Assessment Tool (IRMPE). The IRMPE is a tool that…
Ransomware Readiness Assessment
What is the Ransomware Readiness Assessment? The Ransomware Readiness Assessment (RRA) was released by the US Cybersecurity and Infrastructure Security Agency (CISA) in June 2021 as the latest addition to…
OWASP MASVS
What is OWASP MASVS? The Open Web Application Security Project (OWASP) is a non-profit international organization dedicated to improving the security of web applications. All of OWASP’s resources are freely…
NIST 800-82
What is the NIST SP 800-82 framework? The National Institute of Standards and Technology (NIST) Special Publication 800-82 offers detailed assistance regarding how to protect Industrial Control Systems (ICS), that…
NIST 800-207 (Zero Trust)
What is the Zero Trust Model? Zero trust is a growing security model that is based on the principle of enforcing strict access controls. The Zero Trust concept focuses on…
NIST SP 800-53
What is NIST 800-53? NIST 800-53 is a comprehensive set of guidelines developed by the National Institute of Standards and Technology (NIST) aimed at helping organizations manage and protect their…
NIST 800-46
What is the NIST SP 800-46 framework? The US Commerce Department’s National Institute of Standards and Technology (NIST) is a non-regulatory body responsible for investigating and developing standards for all…
