NIST CSF 2.0 Certification

The Secure Controls Framework Conformity Assessment Program (SCF CAP) offers a certification path for NIST Cybersecurity Framework version 2 (NIST CSF 2.0). Successfully completing the SCF CAP assessment will award the Organization Seeking Assessment (OSA) with the designation of SCF Certified - NIST CSF 2.0

SCF Certified - NIST CSF 2.0 - Official Assessment Guide

If you want to get SCF Certified for NIST CSF 2.0, you can download the NIST CSF 2.0 Assessment Guide from the SCF's website at https://securecontrolsframework.com/content/cap/ag-nist-csf-v-1-0.pdf

For organizations that have a current Cybersecurity Maturity Model Certification (CMMC) Level 2 certification and want to leverage reciprocity towards NIST CSF 2.0 certification can use a different assessment guide that can be downloaded from: https://securecontrolsframework.com/content/cap/ag-cmmc-l2-nist-csf-v-1-0.pdf (only applicable if the organization holds a current CMMC L2 certification)

NIST CSF 2.0 Policies, Standards & Procedures

ComplianceForge has editable policies, standards and procedures for NIST CSF 2.0 to assist your organization earning a NIST CSF 2.0 certification as part of the SCF CAP:

1. Digital Security Program (DSP)
   • Enterprise-class solution for SCF-based policies, control objectives, standards, guidelines, metrics and more.
   • Complete coverage for all SCF controls.
   • SCF-based policies map 1-1 with SCF domains.
   • SCF-based standards map 1-1 with SCF controls
   • Comes in both Word and Excel formats, so the DSP can be imported into a GRC platform that accepts policies and standards.
2. Cybersecurity Standardized Operating Procedures (CSOP)
   • SCF-based procedures that compliment the standards in the DSP.
   • Complete coverage for all SCF controls.
   • Procedures map 1-1 with SCF controls.
   • Comes in both Word and Excel formats, so the CSOP can be imported into a GRC platform that accepts procedures.
3. NIST Cybersecurity Framework 2.0 (NIST CSF 2.0) Policies & Standards
   • Tailored for NIST CSF 2.0.
   • SCF-based policies to address NIST CSF 2.0 requirements.
   • SCF-based standards to address NIST CSF 2.0 requirements.
4. NIST CSF 2.0 Procedures
   • Tailored for NIST CSF 2.0.
   • SCF-based procedures to address NIST CSF 2.0 requirements.

ComplianceForge has several affordable options available for 1-1 mapped policies, standards and procedures to address the NIST CSF 2.0 Set Theory Relationship Mapping (STRM) used by the SCF to identify applicable controls necessary to demonstrate conformity with NIST CSF 2.0 categories and subcategories. 

• C-SCRM & NIST 800-161 R1

  For many cybersecurity practitioners, even those well versed in NIST 800-171 and Cybersecurity Matur...

• Secure Software Development Attestation

  Can you tell the difference in these secure software development attestation forms? There isn't one...

• NIST 800-171 R3 ODPs

  ComplianceForge released NIST 800-171 R3 documentation updated to address DoD-provided Organization-...

• SCF Training & Certifications

  ComplianceForge is a Licensed Content Provider (LCP) for the Secure Controls Framework (SC...

---