
SCF-B Business Mergers & Acquisitions
The SCF-B is a subset of the SCF that is tailored for evaluating the cybersecurity and privacy risks associated with Mergers & Acquisitions (M&A) due diligence. Due to the potentially complicated nature of the M&A evaluation, we designed the SCF-B to be comprehensive in nature. The following frameworks are leveraged to identify appropriate cybersecurity and privacy controls that should be evaluated as part of M&A due diligence activities:
-
SOC2
-
CIS CSC
-
COBITv5
-
COSO
-
CSA CCM
-
GAPP
-
ISO 27002
-
ISO 31000
-
ISO 31010
-
NIST 800-160
-
NIST Cybersecurity Framework
-
OWASP Top 10
-
UL 2900-1
-
EU GDPR
To see the mappings between the SCF-B controls, sign up for a free account and download the complete SCF. You can customize the SCF for your own specific needs!