DSP version 2022.3 release

ComplianceForge Support Secure Controls Framework (SCF)
December 14th, 2022 1 minute read

Listen to article

Audio generated by DropInBlog's Blog Voice AI™ may have slight pronunciation nuances. Learn more

ComplianceForge is pleased to announce the release of version 2022.3 of the Digital Security Program (DSP). There is some new content and minor refinement of the risk catalog to standardize wording improve readability and it also includes a new Evidence Request List (ERL) to help standardize naming for evidence artifacts. The DSP contains 1-1 mapping to the Secure Controls Framework (SCF) so you can have policies, control objectives, standards and more to support your implementation of the SCF!

New mapping in this version includes:

Australian Government Information Security Manual (ISM) September 2022
BSI Standard 200-1
California Privacy Rights Act (CPRA) - November 2022 version
Cybersecurity Capability Maturity Model (C2M2) v2.1
Illinois Biometric Information Privacy Act (PIPA)
Illinois Identity Protection Act (IPA)
ISO 27017:2015
ISO 27001:2022
Japan Information System Security Management and Assessment Program (ISMAP)
New Zealand NZISM 3.6
Shared Assessments SIG 2023
US Centers for Medicare & Medicaid Services MARS-E Document Suite, Version 2.0.

Learn more about this premium GRC content at https://complianceforge.com/secure-controls-framework-scf-compliance-bundles/

« Back to Blog

NIST SP 800‑53 R5 Control Families

This release includes a total of 1,189 controls, organized into 20 families:

Access Control
Awareness & Training
Audit & Accountability
Assessment, Authorization & Monitoring
Configuration Management
Contingency Planning
Identification & Authentication
Incident Response
Maintenance
Media Protection
Physical & Environmental Protection
Planning
Program Management
Personnel Security
Personally Identifiable Information (PII) Processing & Transparency
Risk Assessment
System & Services Acquisition
System & Communications Protection
System & Information Integrity
Supply Chain Risk Management

This count includes deprecated controls that have been removed or folded into others. Some controls are not categorized under baselines—low, moderate, high, or privacy—per NIST SP 800‑53B.

ComplianceForge provides full 1:1 mapping of all 20 families and their controls in its CDPP documentation.

Governance Risk & Compliance (GRC) Content

Secure Controls Framework (SCF)

NIST 800-171 & CMMC - Where Do I Start?

Editable Policies & Standards Templates

Editable Procedures Templates

Cybersecurity Supply Chain Risk Management

NIST 800-171 Compliance

Risk Management

Data Protection (Privacy) & Secure Engineering

Vulnerability & Patch Management

Incident Response

PCI DSS Compliance

NIST 800-171 & CMMC Compliance

Premium GRC Content (GRC Importable)

Cybersecurity Policies, Standards & Procedures

Cybersecurity Supply Chain Risk Management

Privacy & Data Protection (GDPR, CCPA & more)

Risk Management Bundles

Subscriptions

Common Compliance Requirements

Alignment With Secure Practices

Free Guides

Cost Savings

US Federal Data Security Laws & Regulations

US State Data Security Laws & Regulations

International Data Security Laws & Regulations

SCF Licensed Content Provider (LCP)

SCF Certifications

Individual Certifications

Why Choose ComplianceForge?

Industries Served & Client References

Multiple Company Discount

Product Comparison: DSP vs CDPP

DSP version 2022.3 release

NIST SP 800‑53 R5 Control Families

Is A GRC Tool A Security Protection Asset (SPA)?

Cybersecurity Materiality & Key Controls

NIST 800-171 R2 to R3 Transition Guide

Apply PPTDF For Cybersecurity Compliance

DSP version 2022.3 release

Related Articles

NIST SP 800‑53 R5 Control Families

Is A GRC Tool A Security Protection Asset (SPA)?

Cybersecurity Materiality & Key Controls

NIST 800-171 R2 to R3 Transition Guide

Apply PPTDF For Cybersecurity Compliance

NIST SP 800‑53 R5 Control Families