uniform_resource_scf_2024_2
| Column | Type | PK | Required | Default |
|---|---|---|---|---|
| SCF Domain | TEXT | No | No | |
| SCF Control | TEXT | No | No | |
| SCF # | TEXT | No | No | |
| Secure Controls Framework (SCF) Control Description | TEXT | No | No | |
| Methods To Comply With SCF Controls | TEXT | No | No | |
| Evidence Request List (ERL) # | TEXT | No | No | |
| SCF Control Question | TEXT | No | No | |
| Relative Control Weighting | TEXT | No | No | |
| PPTDF Applicability PEOPLE | TEXT | No | No | |
| PPTDF Applicability PROCESS | TEXT | No | No | |
| PPTDF Applicability TECHNOLOGY | TEXT | No | No | |
| PPTDF Applicability DATA | TEXT | No | No | |
| PPTDF Applicability FACILITY | TEXT | No | No | |
| NIST CSF Function Grouping | TEXT | No | No | |
| SCRM Focus TIER 1 STRATEGIC | TEXT | No | No | |
| SCRM Focus TIER 2 OPERATIONAL | TEXT | No | No | |
| SCRM Focus TIER 3 TACTICAL | TEXT | No | No | |
| SP-CMM 0 Not Performed | TEXT | No | No | |
| SP-CMM 1 Performed Informally | TEXT | No | No | |
| SP-CMM 2 Planned & Tracked | TEXT | No | No | |
| SP-CMM 3 Well Defined | TEXT | No | No | |
| SP-CMM 4 Quantitatively Controlled | TEXT | No | No | |
| SP-CMM 5 Continuously Improving | TEXT | No | No | |
| AICPA TSC 2017 (with 2022 revised POF) | TEXT | No | No | |
| BSI Standard 200-1 | TEXT | No | No | |
| CIS CSC v8.0 | TEXT | No | No | |
| CIS CSC v8.0 IG1 | TEXT | No | No | |
| CIS CSC v8.0 IG2 | TEXT | No | No | |
| CIS CSC v8.0 IG3 | TEXT | No | No | |
| COBIT 2019 | TEXT | No | No | |
| COSO v2017 | TEXT | No | No | |
| CSA CCM v4 | TEXT | No | No | |
| CSA IoT SCF v2 | TEXT | No | No | |
| ENISA v2.0 | TEXT | No | No | |
| GAPP | TEXT | No | No | |
| IEC TR 60601-4-5 v2021 | TEXT | No | No | |
| IEC 62443-4-2 | TEXT | No | No | |
| ISO/SAE 21434 v2021 | TEXT | No | No | |
| ISO 22301 v2019 | TEXT | No | No | |
| ISO 27001 v2013 | TEXT | No | No | |
| ISO 27001 v2022 | TEXT | No | No | |
| ISO 27002 v2013 | TEXT | No | No | |
| ISO 27002 v2022 | TEXT | No | No | |
| ISO 27017 v2015 | TEXT | No | No | |
| ISO 27018 v2014 | TEXT | No | No | |
| ISO 27701 v2019 | TEXT | No | No | |
| ISO 29100 v2011 | TEXT | No | No | |
| ISO 31000 v2009 | TEXT | No | No | |
| ISO 31010 v2009 | TEXT | No | No | |
| ISO 42001 v2023 | TEXT | No | No | |
| MITRE ATT&CK 10 | TEXT | No | No | |
| MPA Content Security Program v5.1 | TEXT | No | No | |
| NAIC Insurance Data Security Model Law (MDL-668) | TEXT | No | No | |
| NIST AI RMF AI 100-1 v1.0 | TEXT | No | No | |
| NIST Privacy Framework v1.0 | TEXT | No | No | |
| NIST 800-37 rev 2 | TEXT | No | No | |
| NIST 800-39 | TEXT | No | No | |
| NIST 800-53 rev4 | TEXT | No | No | |
| NIST 800-53 rev4 (low) | TEXT | No | No | |
| NIST 800-53 rev4 (moderate) | TEXT | No | No | |
| NIST 800-53 rev4 (high) | TEXT | No | No | |
| NIST 800-53 rev5 | TEXT | No | No | |
| NIST 800-53B rev5 (privacy) | TEXT | No | No | |
| NIST 800-53B rev5 (low) | TEXT | No | No | |
| NIST 800-53B rev5 (moderate) | TEXT | No | No | |
| NIST 800-53B rev5 (high) | TEXT | No | No | |
| NIST 800-53 rev5 (NOC) | TEXT | No | No | |
| NIST 800-63B (partial mapping) | TEXT | No | No | |
| NIST 800-82 rev3 LOW OT Overlay | TEXT | No | No | |
| NIST 800-82 rev3 MODERATE OT Overlay | TEXT | No | No | |
| NIST 800-82 rev3 HIGH OT Overlay | TEXT | No | No | |
| NIST 800-160 | TEXT | No | No | |
| NIST 800-161 rev 1 | TEXT | No | No | |
| NIST 800-161 rev 1 C-SCRM Baseline | TEXT | No | No | |
| NIST 800-161 rev 1 Flow Down | TEXT | No | No | |
| NIST 800-161 rev 1 Level 1 | TEXT | No | No | |
| NIST 800-161 rev 1 Level 2 | TEXT | No | No | |
| NIST 800-161 rev 1 Level 3 | TEXT | No | No | |
| NIST 800-171 rev 2 | TEXT | No | No | |
| NIST 800-171 rev 3 FPD | TEXT | No | No | |
| NIST 800-171 rev 3 | TEXT | No | No | |
| NIST 800-171A | TEXT | No | No | |
| NIST 800-171A rev 3 | TEXT | No | No | |
| NIST 800-172 | TEXT | No | No | |
| NIST 800-207 | TEXT | No | No | |
| NIST 800-218 v1.1 SSDF | TEXT | No | No | |
| NIST CSF v1.1 | TEXT | No | No | |
| NIST CSF v2.0 | TEXT | No | No | |
| OWASP Top 10 v2021 | TEXT | No | No | |
| PCIDSS v3.2 | TEXT | No | No | |
| PCIDSS v4.0 | TEXT | No | No | |
| PCIDSS v4.0 SAQ A | TEXT | No | No | |
| PCIDSS v4.0 SAQ A-EP | TEXT | No | No | |
| PCIDSS v4.0 SAQ B | TEXT | No | No | |
| PCIDSS v4.0 SAQ B-IP | TEXT | No | No | |
| PCIDSS v4.0 SAQ C | TEXT | No | No | |
| PCIDSS v4.0 SAQ C-VT | TEXT | No | No | |
| PCIDSS v4.0 SAQ D Merchant | TEXT | No | No | |
| PCIDSS v4.0 SAQ D Service Provider | TEXT | No | No | |
| PCIDSS v4.0 SAQ P2PE | TEXT | No | No | |
| Shared Assessments SIG 2024 | TEXT | No | No | |
| SPARTA | TEXT | No | No | |
| SWIFT CSF v2023 | TEXT | No | No | |
| TISAX ISA v5.1.0 | TEXT | No | No | |
| UL 2900-1 | TEXT | No | No | |
| UN R155 | TEXT | No | No | |
| UN ECE WP.29 | TEXT | No | No | |
| US C2M2 v2.1 | TEXT | No | No | |
| US CERT RMM v1.2 | TEXT | No | No | |
| US CISA CPG v2022 | TEXT | No | No | |
| US CJIS Security Policy 5.9.3 | TEXT | No | No | |
| US CMMC 2.0 Level 1 | TEXT | No | No | |
| US CMMC 2.0 Level 2 | TEXT | No | No | |
| US CMMC 2.0 Level 3 | TEXT | No | No | |
| US CMMC 2.1 (draft) Level 1 | TEXT | No | No | |
| US CMMC 2.1 (draft) Level 2 | TEXT | No | No | |
| US CMMC 2.1 (draft) Level 3 | TEXT | No | No | |
| US CMS MARS-E v2.0 | TEXT | No | No | |
| US COPPA | TEXT | No | No | |
| US DoD Zero Trust Reference Architecture v2.0 | TEXT | No | No | |
| US DFARS Cybersecurity 252.204-70xx | TEXT | No | No | |
| US DHS CISA TIC 3.0 | TEXT | No | No | |
| US FACTA | TEXT | No | No | |
| US FAR 52.204-21 | TEXT | No | No | |
| US FAR 52.204-27 | TEXT | No | No | |
| US FAR Section 889 | TEXT | No | No | |
| US FDA 21 CFR Part 11 | TEXT | No | No | |
| US FedRAMP R4 | TEXT | No | No | |
| US FedRAMP R4 (low) | TEXT | No | No | |
| US FedRAMP R4 (moderate) | TEXT | No | No | |
| US FedRAMP R4 (high) | TEXT | No | No | |
| US FedRAMP R4 (LI-SaaS) | TEXT | No | No | |
| US FedRAMP R5 | TEXT | No | No | |
| US FedRAMP R5 (low) | TEXT | No | No | |
| US FedRAMP R5 (moderate) | TEXT | No | No | |
| US FedRAMP R5 (high) | TEXT | No | No | |
| US FedRAMP R5 (LI-SaaS) | TEXT | No | No | |
| US FERPA | TEXT | No | No | |
| US FFIEC | TEXT | No | No | |
| US FINRA | TEXT | No | No | |
| US FTC Act | TEXT | No | No | |
| US GLBA CFR 314 (Dec 2023) | TEXT | No | No | |
| US HIPAA | TEXT | No | No | |
| HIPAA - HICP Small Practice | TEXT | No | No | |
| HIPAA - HICP Medium Practice | TEXT | No | No | |
| HIPAA - HICP Large Practice | TEXT | No | No | |
| US IRS 1075 | TEXT | No | No | |
| US ITAR Part 120 (limited) | TEXT | No | No | |
| US NERC CIP | TEXT | No | No | |
| US NISPOM | TEXT | No | No | |
| US NNPI (unclass) | TEXT | No | No | |
| US NSTC NSPM-33 | TEXT | No | No | |
| US Privacy Shield | TEXT | No | No | |
| US SEC Cybersecurity Rule | TEXT | No | No | |
| US SOX | TEXT | No | No | |
| US SSA EIESR v8.0 | TEXT | No | No | |
| US StateRAMP Low Category 1 | TEXT | No | No | |
| US StateRAMP Low+ Category 2 | TEXT | No | No | |
| US StateRAMP Moderate Category 3 | TEXT | No | No | |
| US TSA / DHS 1580/82-2022-01 | TEXT | No | No | |
| US - AK PIPA | TEXT | No | No | |
| US - CA SB327 | TEXT | No | No | |
| US-CA CPRA (Nov 2022) | TEXT | No | No | |
| US - CA SB1386 | TEXT | No | No | |
| US - CO Colorado Privacy Act | TEXT | No | No | |
| US - IL BIPA | TEXT | No | No | |
| US - IL IPA | TEXT | No | No | |
| US - IL PIPA | TEXT | No | No | |
| US-MA 201 CMR 17.00 | TEXT | No | No | |
| US - NV SB220 | TEXT | No | No | |
| US - NY DFS 23 NYCRR500 2023 Amd 2 | TEXT | No | No | |
| US - NY SHIELD Act S5575B | TEXT | No | No | |
| US - OR 646A | TEXT | No | No | |
| US - SC Insurance Data Security Act | TEXT | No | No | |
| US - TN Tennessee Information Protection Act | TEXT | No | No | |
| US - TX BC521 | TEXT | No | No | |
| US-TX Cybersecurity Act | TEXT | No | No | |
| US-TX DIR Control Standards 2.0 | TEXT | No | No | |
| US-TX TX-RAMP Level 1 | TEXT | No | No | |
| US-TX TX-RAMP Level 2 | TEXT | No | No | |
| US-TX SB820 | TEXT | No | No | |
| US-VA CDPA 2023 | TEXT | No | No | |
| US-VT Act 171 of 2018 | TEXT | No | No | |
| EMEA EU EBA GL/2019/04 | TEXT | No | No | |
| EMEA EU DORA | TEXT | No | No | |
| EMEA EU ePrivacy (draft) | TEXT | No | No | |
| EMEA EU GDPR | TEXT | No | No | |
| EMEA EU NIS2 | TEXT | No | No | |
| EMEA EU PSD2 | TEXT | No | No | |
| EMEA EU EU-US Data Privacy Framework | TEXT | No | No | |
| EMEA Austria | TEXT | No | No | |
| EMEA Belgium | TEXT | No | No | |
| EMEA Czech Republic | TEXT | No | No | |
| EMEA Denmark | TEXT | No | No | |
| EMEA Finland | TEXT | No | No | |
| EMEA France | TEXT | No | No | |
| EMEA Germany | TEXT | No | No | |
| EMEA Germany Banking Supervisory Requirements for IT (BAIT) | TEXT | No | No | |
| EMEA Germany C5-2020 | TEXT | No | No | |
| EMEA Greece | TEXT | No | No | |
| EMEA Hungary | TEXT | No | No | |
| EMEA Ireland | TEXT | No | No | |
| EMEA Israel CDMO v1.0 | TEXT | No | No | |
| EMEA Israel | TEXT | No | No | |
| EMEA Italy | TEXT | No | No | |
| EMEA Kenya DPA 2019 | TEXT | No | No | |
| EMEA Luxembourg | TEXT | No | No | |
| EMEA Netherlands | TEXT | No | No | |
| EMEA Nigeria DPR 2019 | TEXT | No | No | |
| EMEA Norway | TEXT | No | No | |
| EMEA Poland | TEXT | No | No | |
| EMEA Portugal | TEXT | No | No | |
| EMEA Qatar PDPPL | TEXT | No | No | |
| EMEA Russia | TEXT | No | No | |
| EMEA Saudi Arabia Critical Security Controls | TEXT | No | No | |
| EMEA Saudi Arabia SACS-002 | TEXT | No | No | |
| EMEA Saudi Arabia SAMA CSFv1.0 | TEXT | No | No | |
| EMEA Saudi Arabia ECC-12018 | TEXT | No | No | |
| EMEA Saudi Arabia OTCC-1 2022 | TEXT | No | No | |
| EMEA Serbia 87/2018 | TEXT | No | No | |
| EMEA Slovak Republic | TEXT | No | No | |
| EMEA South Africa | TEXT | No | No | |
| EMEA Spain 1720/2007 | TEXT | No | No | |
| EMEA Spain 311/2022 | TEXT | No | No | |
| EMEA Spain CCN-STIC 825 | TEXT | No | No | |
| EMEA Sweden | TEXT | No | No | |
| EMEA Switzerland | TEXT | No | No | |
| EMEA Turkey | TEXT | No | No | |
| EMEA UAE | TEXT | No | No | |
| EMEA UK CAF v3.1 | TEXT | No | No | |
| EMEA UK CAP 1850 | TEXT | No | No | |
| EMEA UK Cyber Essentials | TEXT | No | No | |
| EMEA UK DPA | TEXT | No | No | |
| EMEA UK GDPR | TEXT | No | No | |
| APAC Australia Essential 8 | TEXT | No | No | |
| APAC Australia Privacy Act | TEXT | No | No | |
| APAC Australian Privacy Principles | TEXT | No | No | |
| APAC Australia ISM 2022 | TEXT | No | No | |
| APAC Australia IoT Code of Practice | TEXT | No | No | |
| APAC Australia Prudential Standard CPS230 | TEXT | No | No | |
| APAC Australia Prudential Standard CPS234 | TEXT | No | No | |
| APAC China Cybersecurity Law | TEXT | No | No | |
| APAC China Data Security Law (DSL) | TEXT | No | No | |
| APAC China DNSIP | TEXT | No | No | |
| APAC China Privacy Law | TEXT | No | No | |
| APAC Hong Kong | TEXT | No | No | |
| APAC India ITR | TEXT | No | No | |
| APAC Indonesia | TEXT | No | No | |
| APAC Japan APPI | TEXT | No | No | |
| APAC Japan ISMAP | TEXT | No | No | |
| APAC Malaysia | TEXT | No | No | |
| APAC New Zealand Health ISF | TEXT | No | No | |
| APAC New Zealand NZISM 3.6 | TEXT | No | No | |
| APAC New Zealand Privacy Act of 2020 | TEXT | No | No | |
| APAC Philippines | TEXT | No | No | |
| APAC Singapore | TEXT | No | No | |
| APAC Singapore Cyber Hygiene Practice | TEXT | No | No | |
| APAC Singapore MAS TRM 2021 | TEXT | No | No | |
| APAC South Korea | TEXT | No | No | |
| APAC Taiwan | TEXT | No | No | |
| Americas Argentina | TEXT | No | No | |
| Americas Argentina Reg 132-2018 | TEXT | No | No | |
| Americas Bahamas | TEXT | No | No | |
| Americas Bermuda BMACCC | TEXT | No | No | |
| Americas Brazil LGPD | TEXT | No | No | |
| Americas Canada CSAG | TEXT | No | No | |
| Americas Canada OSFI B-13 | TEXT | No | No | |
| Americas Canada PIPEDA | TEXT | No | No | |
| Americas Chile | TEXT | No | No | |
| Americas Colombia | TEXT | No | No | |
| Americas Costa Rica | TEXT | No | No | |
| Americas Mexico | TEXT | No | No | |
| Americas Peru | TEXT | No | No | |
| Americas Uruguay | TEXT | No | No | |
| Minimum Security Requirements MCR + DSR | TEXT | No | No | |
| Identify Minimum Compliance Requirements (MCR) | TEXT | No | No | |
| Identify Discretionary Security Requirements (DSR) | TEXT | No | No | |
| SCF-B Business Mergers & Acquisitions | TEXT | No | No | |
| SCF-I Cyber Insurance Duty of Care | TEXT | No | No | |
| SCF-E Embedded Technology | TEXT | No | No | |
| SCF-M MSP/MSSP Secure Practices Baseline | TEXT | No | No | |
| SCF-R Ransomware Protection | TEXT | No | No | |
| SCF-Z Zero Trust Architecture (ZTA) | TEXT | No | No | |
| Risk Threat Summary | TEXT | No | No | |
| Risk R-AC-1 | TEXT | No | No | |
| Risk R-AC-2 | TEXT | No | No | |
| Risk R-AC-3 | TEXT | No | No | |
| Risk R-AC-4 | TEXT | No | No | |
| Risk R-AM-1 | TEXT | No | No | |
| Risk R-AM-2 | TEXT | No | No | |
| Risk R-AM-3 | TEXT | No | No | |
| Risk R-BC-1 | TEXT | No | No | |
| Risk R-BC-2 | TEXT | No | No | |
| Risk R-BC-3 | TEXT | No | No | |
| Risk R-BC-4 | TEXT | No | No | |
| Risk R-BC-5 | TEXT | No | No | |
| Risk R-EX-1 | TEXT | No | No | |
| Risk R-EX-2 | TEXT | No | No | |
| Risk R-EX-3 | TEXT | No | No | |
| Risk R-EX-4 | TEXT | No | No | |
| Risk R-EX-5 | TEXT | No | No | |
| Risk R-EX-6 | TEXT | No | No | |
| Risk R-EX-7 | TEXT | No | No | |
| Risk R-GV-1 | TEXT | No | No | |
| Risk R-GV-2 | TEXT | No | No | |
| Risk R-GV-3 | TEXT | No | No | |
| Risk R-GV-4 | TEXT | No | No | |
| Risk R-GV-5 | TEXT | No | No | |
| Risk R-GV-6 | TEXT | No | No | |
| Risk R-GV-7 | TEXT | No | No | |
| Risk R-GV-8 | TEXT | No | No | |
| Risk R-IR-1 | TEXT | No | No | |
| Risk R-IR-2 | TEXT | No | No | |
| Risk R-IR-3 | TEXT | No | No | |
| Risk R-IR-4 | TEXT | No | No | |
| Risk R-SA-1 | TEXT | No | No | |
| Risk R-SA-2 | TEXT | No | No | |
| Control Threat Summary | TEXT | No | No | |
| Threat NT-1 | TEXT | No | No | |
| Threat NT-2 | TEXT | No | No | |
| Threat NT-3 | TEXT | No | No | |
| Threat NT-4 | TEXT | No | No | |
| Threat NT-5 | TEXT | No | No | |
| Threat NT-6 | TEXT | No | No | |
| Threat NT-7 | TEXT | No | No | |
| Threat NT-8 | TEXT | No | No | |
| Threat NT-9 | TEXT | No | No | |
| Threat NT-10 | TEXT | No | No | |
| Threat NT-11 | TEXT | No | No | |
| Threat NT-12 | TEXT | No | No | |
| Threat NT-13 | TEXT | No | No | |
| Threat NT-14 | TEXT | No | No | |
| Threat MT-1 | TEXT | No | No | |
| Threat MT-2 | TEXT | No | No | |
| Threat MT-3 | TEXT | No | No | |
| Threat MT-4 | TEXT | No | No | |
| Threat MT-5 | TEXT | No | No | |
| Threat MT-6 | TEXT | No | No | |
| Threat MT-7 | TEXT | No | No | |
| Threat MT-8 | TEXT | No | No | |
| Threat MT-9 | TEXT | No | No | |
| Threat MT-10 | TEXT | No | No | |
| Threat MT-11 | TEXT | No | No | |
| Threat MT-12 | TEXT | No | No | |
| Threat MT-13 | TEXT | No | No | |
| Threat MT-14 | TEXT | No | No | |
| Threat MT-15 | TEXT | No | No | |
| Threat MT-16 | TEXT | No | No | |
| Errata 2024.2 | TEXT | No | No | |
| tenant_id | No | No | ||
| tenant_name | No | No |
Foreign Keys
| No data |
Indexes
| No data |
SQL DDL
CREATE TABLE uniform_resource_scf_2024_2(
"SCF Domain" TEXT,
"SCF Control" TEXT,
"SCF #" TEXT,
"Secure Controls Framework (SCF) Control Description" TEXT,
"Methods To Comply With SCF Controls" TEXT,
"Evidence Request List (ERL) #" TEXT,
"SCF Control Question" TEXT,
"Relative Control Weighting" TEXT,
"PPTDF
Applicability
PEOPLE" TEXT,
"PPTDF
Applicability
PROCESS" TEXT,
"PPTDF
Applicability
TECHNOLOGY" TEXT,
"PPTDF
Applicability
DATA" TEXT,
"PPTDF
Applicability
FACILITY" TEXT,
"NIST CSF
Function Grouping" TEXT,
"SCRM Focus
TIER 1
STRATEGIC" TEXT,
"SCRM Focus
TIER 2
OPERATIONAL" TEXT,
"SCRM Focus
TIER 3
TACTICAL" TEXT,
"SP-CMM 0
Not Performed" TEXT,
"SP-CMM 1
Performed Informally" TEXT,
"SP-CMM 2
Planned & Tracked" TEXT,
"SP-CMM 3
Well Defined" TEXT,
"SP-CMM 4
Quantitatively Controlled" TEXT,
"SP-CMM 5
Continuously Improving" TEXT,
"AICPA
TSC 2017
(with 2022 revised POF)" TEXT,
"BSI
Standard 200-1" TEXT,
"CIS
CSC
v8.0" TEXT,
"CIS
CSC v8.0
IG1" TEXT,
"CIS
CSC v8.0
IG2" TEXT,
"CIS
CSC v8.0
IG3" TEXT,
"COBIT
2019" TEXT,
"COSO
v2017" TEXT,
"CSA
CCM
v4" TEXT,
"CSA
IoT SCF
v2" TEXT,
"ENISA
v2.0" TEXT,
GAPP TEXT,
"IEC TR 60601-4-5
v2021" TEXT,
"IEC 62443-4-2" TEXT,
"ISO/SAE
21434
v2021" TEXT,
"ISO
22301
v2019" TEXT,
"ISO
27001
v2013" TEXT,
"ISO
27001
v2022" TEXT,
"ISO
27002
v2013" TEXT,
"ISO
27002
v2022" TEXT,
"ISO
27017
v2015" TEXT,
"ISO
27018
v2014" TEXT,
"ISO
27701
v2019" TEXT,
"ISO
29100
v2011" TEXT,
"ISO
31000
v2009" TEXT,
"ISO
31010
v2009" TEXT,
"ISO
42001
v2023" TEXT,
"MITRE
ATT&CK
10" TEXT,
"MPA
Content Security Program
v5.1" TEXT,
"NAIC
Insurance Data Security Model Law (MDL-668)" TEXT,
"NIST
AI RMF
AI 100-1
v1.0" TEXT,
"NIST Privacy Framework
v1.0" TEXT,
"NIST
800-37
rev 2" TEXT,
"NIST
800-39" TEXT,
"NIST
800-53
rev4" TEXT,
"NIST
800-53 rev4
(low)" TEXT,
"NIST
800-53 rev4
(moderate)" TEXT,
"NIST
800-53 rev4
(high)" TEXT,
"NIST
800-53
rev5" TEXT,
"NIST
800-53B
rev5
(privacy)" TEXT,
"NIST
800-53B
rev5
(low)" TEXT,
"NIST
800-53B
rev5
(moderate)" TEXT,
"NIST
800-53B
rev5
(high)" TEXT,
"NIST
800-53
rev5
(NOC)" TEXT,
"NIST
800-63B
(partial mapping)" TEXT,
"NIST
800-82 rev3
LOW
OT Overlay" TEXT,
"NIST
800-82 rev3
MODERATE
OT Overlay" TEXT,
"NIST
800-82 rev3
HIGH
OT Overlay" TEXT,
"NIST
800-160" TEXT,
"NIST
800-161
rev 1" TEXT,
"NIST
800-161
rev 1
C-SCRM Baseline" TEXT,
"NIST
800-161
rev 1
Flow Down" TEXT,
"NIST
800-161
rev 1
Level 1" TEXT,
"NIST
800-161
rev 1
Level 2" TEXT,
"NIST
800-161
rev 1
Level 3" TEXT,
"NIST
800-171
rev 2" TEXT,
"NIST
800-171
rev 3 FPD" TEXT,
"NIST
800-171
rev 3" TEXT,
"NIST
800-171A" TEXT,
"NIST 800-171A rev 3" TEXT,
"NIST
800-172" TEXT,
"NIST
800-207" TEXT,
"NIST
800-218
v1.1
SSDF" TEXT,
"NIST
CSF
v1.1" TEXT,
"NIST
CSF
v2.0" TEXT,
"OWASP
Top 10
v2021" TEXT,
"PCIDSS
v3.2" TEXT,
"PCIDSS
v4.0" TEXT,
"PCIDSS
v4.0
SAQ A" TEXT,
"PCIDSS
v4.0
SAQ A-EP" TEXT,
"PCIDSS
v4.0
SAQ B" TEXT,
"PCIDSS
v4.0
SAQ B-IP" TEXT,
"PCIDSS
v4.0
SAQ C" TEXT,
"PCIDSS
v4.0
SAQ C-VT" TEXT,
"PCIDSS
v4.0
SAQ D Merchant" TEXT,
"PCIDSS
v4.0
SAQ D Service Provider" TEXT,
"PCIDSS
v4.0
SAQ P2PE" TEXT,
"Shared Assessments SIG 2024" TEXT,
SPARTA TEXT,
"SWIFT
CSF
v2023" TEXT,
"TISAX
ISA v5.1.0" TEXT,
"UL
2900-1" TEXT,
"UN
R155" TEXT,
"UN
ECE WP.29" TEXT,
"US
C2M2
v2.1" TEXT,
"US
CERT RMM
v1.2" TEXT,
"US
CISA
CPG
v2022" TEXT,
"US
CJIS Security Policy 5.9.3" TEXT,
"US CMMC 2.0 Level 1" TEXT,
"US CMMC 2.0 Level 2" TEXT,
"US CMMC 2.0 Level 3" TEXT,
"US
CMMC 2.1 (draft)
Level 1" TEXT,
"US
CMMC 2.1 (draft)
Level 2" TEXT,
"US
CMMC 2.1 (draft)
Level 3" TEXT,
"US
CMS
MARS-E v2.0" TEXT,
"US
COPPA" TEXT,
"US
DoD
Zero Trust Reference Architecture v2.0" TEXT,
"US
DFARS
Cybersecurity
252.204-70xx" TEXT,
"US
DHS CISA
TIC 3.0" TEXT,
"US
FACTA" TEXT,
"US
FAR
52.204-21" TEXT,
"US
FAR
52.204-27" TEXT,
"US
FAR
Section 889" TEXT,
"US
FDA
21 CFR Part 11" TEXT,
"US
FedRAMP
R4" TEXT,
"US
FedRAMP
R4 (low)" TEXT,
"US
FedRAMP
R4 (moderate)" TEXT,
"US
FedRAMP
R4 (high)" TEXT,
"US
FedRAMP
R4 (LI-SaaS)" TEXT,
"US
FedRAMP
R5" TEXT,
"US
FedRAMP
R5
(low)" TEXT,
"US
FedRAMP
R5
(moderate)" TEXT,
"US
FedRAMP
R5
(high)" TEXT,
"US
FedRAMP
R5
(LI-SaaS)" TEXT,
"US
FERPA" TEXT,
"US
FFIEC" TEXT,
"US
FINRA" TEXT,
"US
FTC Act" TEXT,
"US
GLBA
CFR 314
(Dec 2023)" TEXT,
"US HIPAA" TEXT,
"HIPAA - HICP
Small Practice" TEXT,
"HIPAA - HICP
Medium Practice" TEXT,
"HIPAA - HICP
Large Practice" TEXT,
"US
IRS 1075" TEXT,
"US
ITAR Part 120
(limited)" TEXT,
"US
NERC
CIP" TEXT,
"US
NISPOM" TEXT,
"US
NNPI
(unclass)" TEXT,
"US
NSTC
NSPM-33" TEXT,
"US
Privacy Shield" TEXT,
"US
SEC
Cybersecurity Rule" TEXT,
"US
SOX" TEXT,
"US
SSA
EIESR
v8.0" TEXT,
"US
StateRAMP
Low
Category 1" TEXT,
"US
StateRAMP
Low+
Category 2" TEXT,
"US
StateRAMP
Moderate
Category 3" TEXT,
"US
TSA / DHS
1580/82-2022-01" TEXT,
"US - AK
PIPA" TEXT,
"US - CA
SB327" TEXT,
"US-CA
CPRA
(Nov 2022)" TEXT,
"US - CA
SB1386" TEXT,
"US - CO
Colorado Privacy Act" TEXT,
"US - IL
BIPA" TEXT,
"US - IL
IPA" TEXT,
"US - IL
PIPA" TEXT,
"US-MA
201 CMR 17.00" TEXT,
"US - NV
SB220" TEXT,
"US - NY
DFS
23 NYCRR500
2023 Amd 2" TEXT,
"US - NY
SHIELD Act
S5575B" TEXT,
"US - OR
646A" TEXT,
"US - SC
Insurance Data Security Act" TEXT,
"US - TN
Tennessee Information Protection Act " TEXT,
"US - TX
BC521" TEXT,
"US-TX
Cybersecurity Act" TEXT,
"US-TX DIR Control Standards 2.0" TEXT,
"US-TX
TX-RAMP
Level 1" TEXT,
"US-TX
TX-RAMP
Level 2" TEXT,
"US-TX
SB820" TEXT,
"US-VA
CDPA
2023" TEXT,
"US-VT
Act 171 of 2018" TEXT,
"EMEA
EU
EBA
GL/2019/04" TEXT,
"EMEA
EU
DORA" TEXT,
"EMEA
EU ePrivacy
(draft)" TEXT,
"EMEA
EU
GDPR" TEXT,
"EMEA
EU
NIS2" TEXT,
"EMEA
EU
PSD2" TEXT,
"EMEA
EU
EU-US Data Privacy Framework" TEXT,
"EMEA
Austria" TEXT,
"EMEA
Belgium" TEXT,
"EMEA
Czech Republic" TEXT,
"EMEA
Denmark" TEXT,
"EMEA
Finland" TEXT,
"EMEA
France" TEXT,
"EMEA
Germany" TEXT,
"EMEA
Germany
Banking Supervisory Requirements for IT (BAIT)" TEXT,
"EMEA
Germany
C5-2020" TEXT,
"EMEA
Greece" TEXT,
"EMEA
Hungary" TEXT,
"EMEA
Ireland" TEXT,
"EMEA
Israel
CDMO
v1.0" TEXT,
"EMEA
Israel" TEXT,
"EMEA
Italy" TEXT,
"EMEA
Kenya
DPA 2019" TEXT,
"EMEA
Luxembourg" TEXT,
"EMEA
Netherlands" TEXT,
"EMEA
Nigeria
DPR 2019" TEXT,
"EMEA
Norway" TEXT,
"EMEA
Poland" TEXT,
"EMEA
Portugal" TEXT,
"EMEA
Qatar
PDPPL" TEXT,
"EMEA
Russia" TEXT,
"EMEA
Saudi Arabia
Critical Security Controls" TEXT,
"EMEA
Saudi Arabia
SACS-002" TEXT,
"EMEA
Saudi Arabia
SAMA CSFv1.0" TEXT,
"EMEA
Saudi Arabia
ECC-12018" TEXT,
"EMEA
Saudi Arabia
OTCC-1 2022" TEXT,
"EMEA
Serbia
87/2018" TEXT,
"EMEA
Slovak Republic" TEXT,
"EMEA
South Africa" TEXT,
"EMEA
Spain
1720/2007" TEXT,
"EMEA
Spain
311/2022" TEXT,
"EMEA
Spain
CCN-STIC 825" TEXT,
"EMEA
Sweden" TEXT,
"EMEA
Switzerland" TEXT,
"EMEA
Turkey" TEXT,
"EMEA
UAE" TEXT,
"EMEA
UK
CAF v3.1" TEXT,
"EMEA
UK
CAP 1850" TEXT,
"EMEA
UK
Cyber Essentials" TEXT,
"EMEA
UK
DPA" TEXT,
"EMEA
UK
GDPR" TEXT,
"APAC
Australia
Essential 8" TEXT,
"APAC
Australia
Privacy Act" TEXT,
"APAC
Australian Privacy Principles" TEXT,
"APAC
Australia
ISM 2022" TEXT,
"APAC
Australia
IoT Code of Practice" TEXT,
"APAC
Australia
Prudential Standard CPS230" TEXT,
"APAC
Australia
Prudential Standard CPS234" TEXT,
"APAC
China
Cybersecurity
Law" TEXT,
"APAC
China
Data Security Law (DSL)" TEXT,
"APAC
China
DNSIP" TEXT,
"APAC
China
Privacy Law" TEXT,
"APAC
Hong Kong" TEXT,
"APAC
India
ITR" TEXT,
"APAC
Indonesia" TEXT,
"APAC
Japan
APPI" TEXT,
"APAC
Japan
ISMAP" TEXT,
"APAC
Malaysia" TEXT,
"APAC
New Zealand Health ISF" TEXT,
"APAC
New Zealand
NZISM 3.6" TEXT,
"APAC
New Zealand Privacy Act of 2020" TEXT,
"APAC
Philippines" TEXT,
"APAC
Singapore" TEXT,
"APAC
Singapore
Cyber Hygiene Practice" TEXT,
"APAC
Singapore MAS
TRM 2021" TEXT,
"APAC
South Korea" TEXT,
"APAC
Taiwan" TEXT,
"Americas
Argentina" TEXT,
"Americas
Argentina
Reg 132-2018" TEXT,
"Americas
Bahamas" TEXT,
"Americas
Bermuda
BMACCC" TEXT,
"Americas
Brazil
LGPD" TEXT,
"Americas
Canada
CSAG" TEXT,
"Americas
Canada
OSFI B-13" TEXT,
"Americas
Canada
PIPEDA" TEXT,
"Americas
Chile" TEXT,
"Americas
Colombia" TEXT,
"Americas
Costa Rica" TEXT,
"Americas
Mexico" TEXT,
"Americas
Peru" TEXT,
"Americas
Uruguay" TEXT,
"Minimum Security Requirements
MCR + DSR" TEXT,
"Identify
Minimum Compliance Requirements (MCR)" TEXT,
"Identify
Discretionary Security Requirements (DSR)" TEXT,
"SCF-B
Business Mergers & Acquisitions" TEXT,
"SCF-I
Cyber Insurance Duty of Care" TEXT,
"SCF-E
Embedded
Technology" TEXT,
"SCF-M
MSP/MSSP
Secure Practices Baseline" TEXT,
"SCF-R
Ransomware Protection" TEXT,
"SCF-Z
Zero Trust Architecture (ZTA)" TEXT,
"Risk Threat Summary" TEXT,
"Risk
R-AC-1" TEXT,
"Risk
R-AC-2" TEXT,
"Risk
R-AC-3" TEXT,
"Risk
R-AC-4" TEXT,
"Risk
R-AM-1" TEXT,
"Risk
R-AM-2" TEXT,
"Risk
R-AM-3" TEXT,
"Risk
R-BC-1" TEXT,
"Risk
R-BC-2" TEXT,
"Risk
R-BC-3" TEXT,
"Risk
R-BC-4" TEXT,
"Risk
R-BC-5" TEXT,
"Risk
R-EX-1" TEXT,
"Risk
R-EX-2" TEXT,
"Risk
R-EX-3" TEXT,
"Risk
R-EX-4" TEXT,
"Risk
R-EX-5" TEXT,
"Risk
R-EX-6" TEXT,
"Risk
R-EX-7" TEXT,
"Risk
R-GV-1" TEXT,
"Risk
R-GV-2" TEXT,
"Risk
R-GV-3" TEXT,
"Risk
R-GV-4" TEXT,
"Risk
R-GV-5" TEXT,
"Risk
R-GV-6" TEXT,
"Risk
R-GV-7" TEXT,
"Risk
R-GV-8" TEXT,
"Risk
R-IR-1" TEXT,
"Risk
R-IR-2" TEXT,
"Risk
R-IR-3" TEXT,
"Risk
R-IR-4" TEXT,
"Risk
R-SA-1" TEXT,
"Risk
R-SA-2" TEXT,
"Control Threat Summary" TEXT,
"Threat
NT-1" TEXT,
"Threat
NT-2" TEXT,
"Threat
NT-3" TEXT,
"Threat
NT-4" TEXT,
"Threat
NT-5" TEXT,
"Threat
NT-6" TEXT,
"Threat
NT-7" TEXT,
"Threat
NT-8" TEXT,
"Threat
NT-9" TEXT,
"Threat
NT-10" TEXT,
"Threat
NT-11" TEXT,
"Threat
NT-12" TEXT,
"Threat
NT-13" TEXT,
"Threat
NT-14" TEXT,
"Threat
MT-1" TEXT,
"Threat
MT-2" TEXT,
"Threat
MT-3" TEXT,
"Threat
MT-4" TEXT,
"Threat
MT-5" TEXT,
"Threat
MT-6" TEXT,
"Threat
MT-7" TEXT,
"Threat
MT-8" TEXT,
"Threat
MT-9" TEXT,
"Threat
MT-10" TEXT,
"Threat
MT-11" TEXT,
"Threat
MT-12" TEXT,
"Threat
MT-13" TEXT,
"Threat
MT-14" TEXT,
"Threat
MT-15" TEXT,
"Threat
MT-16" TEXT,
"Errata
2024.2" TEXT,
tenant_id,
tenant_name
)