top of page

SCF version 2022.3 Release

We are pleased to announce the release of version 2022.3. There is some new content and minor refinement of the risk catalog to standardize wording improve readability and it also includes a new Evidence Request List (ERL) to help standardize naming for evidence artifacts. New mapping in this version includes:

  • Australian Government Information Security Manual (ISM) September 2022

  • BSI Standard 200-1

  • California Privacy Rights Act (CPRA) - November 2022 version

  • Cybersecurity Capability Maturity Model (C2M2) v2.1

  • Illinois Biometric Information Privacy Act (PIPA)

  • Illinois Identity Protection Act (IPA)

  • ISO 27017:2015

  • ISO 27001:2022

  • Japan Information System Security Management and Assessment Program (ISMAP)

  • New Zealand NZISM 3.6

  • Shared Assessments SIG 2023

  • US Centers for Medicare & Medicaid Services MARS-E Document Suite, Version 2.0

Download available at


Recent Posts

See All
bottom of page