SCF-B Business Mergers & Acquisitions

The SCF-B is a subset of the SCF that is tailored for evaluating the cybersecurity and privacy risks associated with Mergers & Acquisitions (M&A) due diligence. Due to the potentially complicated nature of the M&A evaluation, we designed the SCF-B to be comprehensive in nature. The following frameworks are leveraged to identify appropriate cybersecurity and privacy controls that should be evaluated as part of M&A due diligence activities: 

• SOC2

• CIS CSC

• COBITv5

• COSO

• CSA CCM

• GAPP

• ISO 27002

• ISO 31000

• ISO 31010

• NIST 800-160

• NIST Cybersecurity Framework

• OWASP Top 10

• UL 2900-1

• EU GDPR

​

To see the mappings between the SCF-B controls, sign up for a free account and download the complete SCF. You can customize the SCF for your own specific needs!