Hi Everyone,
If you are doing any security compliance work, I came across a good free resource. The Secure Controls Framework is a free security controls reference that also cross indexes the controls from many other compliance frameworks. What’s nice about this is can allow you to see how a framework you already implemented compares to a framework you may want or need to implement.
For example, if you meet NIST 800-171 and are planning to achieve ISO 27001:2013 you use the SCF to see where required controls for the 2 standards intersect. Then you can focus your efforts where there are control gaps.
Just google ‘Secure Controls Framework official site’. The SCF is free although you do need to create an account (Just setup a user name and PW) to download or view the control tables.
Hope you find this useful.
Regards,
Art