Version 2025.3 represents a major update, based on the number of new and changed controls in the Secure Controls Framework (SCF). There are many new controls in SCF 2025.2, and the majority of the new controls are focused on the governance of Artificial Intelligence (AI), but they are sourced from SCF Community Derived Content, a volunteer initiative that addresses existing risks organizations face where no law, regulation or industry-recognized standard supports a certain action. The SCF took the lead on organizing Subject Matter Experts (SMEs) to develop, compile and edit recommendations from the industry.
You can download the new version of the SCF and the errata from:
SCF: https://securecontrolsframework.com/scf-download/
Errata: https://github.com/securecontrolsframework/securecontrolsframework/blob/main/SCF%202025.3%20Errata.txt
Added new control sets:
Conformity Validation Cadence (CVC)
SCF CORE Community Derived
SCF CORE ESP Level 1 Foundational
SCF CORE ESP Level 2 Critical Infrastructure
SCF CORE ESP Level 3 Advanced Threats
SCF CORE AI-Enabled Operations
SCF CORE AI Model Deployment
Added / Updated Set Theory Relationship Mappings (STRM) for:
Texas SB 2610
New Controls:
GOV-19 - Assurance
GOV-19.1 - Assurance Levels (AL)
GOV-19.2 - Assessment Objectives (AO)
GOV-20 - Mergers, Acquisitions & Divestitures (MA&D)
GOV-20.1 - Virtual Data Room (VDR)
AAT-01.4 - AI Model & Agent Inventory & Lifecycle Management
AAT-02.4 - AI Threat Modeling & Risk Assessment
AAT-03.2 - Model & AI Agent Documentation
AAT-10.19 - AI TEVV Third-Party Risk Management
AAT-16.11 - Anomaly Detection & Human Oversight
AAT-16.12 - Human-in-the-Loop & Escalation
AAT-16.13 - Emergent Behavior & Collusion Protections
AAT-16.14 - Multi-Agent Trust & Communication Validation
AAT-28 - AI Model Resilience
AAT-28.1 - Model Pollution
AAT-28.2 - Cascading Hallucination Defense
AAT-28.3 - Resource Exhaustion & DoS Resilience
AAT-29 - AI Agent Governance
AAT-29.1 - Infrastructure Hardening & Isolation
AAT-29.2 - AI Agent Limitations
AAT-29.3 - Tool & API Invocation Controls
AAT-29.4 - Orchestration Protocol Safeguards
AAT-29.5 - Data Pipeline & Input Integrity
AAT-29.6 - Privileged Role & Delegation Boundaries
AAT-29.7 - AI Agent Data Access Restrictions
AAT-29.8 - Data Extraction
AAT-29.9 - AI Agent Identity & Impersonation Defense
AAT-29.10 - AI Agent Logic Integrity
AAT-29.11 - Sandboxing AI Agents
AAT-29.12 - Prompt Injection Defense
AAT-29.13 - Agent Kill Switch / User Control
AAT-29.14 - Adversarial & Red Team Testing
AAT-29.15 - Self-Modification Controls
AAT-29.16 - Purging AI Agent Data
AAT-29.17 - Delegation and Chaining Control
AAT-29.18 - Behavioral Drift Detection
AAT-29.19 - AI Agent Action Authentication & Authorization
AAT-29.20 - Transparency & Audit
AAT-29.21 - Explainability
AAT-29.22 - Ethics, Fairness & Bias Detection
AAT-29.23 - Agent Output Integrity & Verification
AAT-30 - Agentic Output Traceability & Repudiation
AAT-30.1 - AI Agent Logging
AAT-30.2 - Session Management
AAT-31 - Human-in-the-Loop Workload & Manipulation
AAT-32 - Robotic Process Automation (RPA)
AAT-32.1 - Business Process Task Enumeration
AST-31.3 - Asset Attributes
AST-32 - Automated Network Asset Discovery
CLD-04.1 - API Gateway
CLD-15 - Software Defined Storage (SDS)
CPL-03.4 - Assessment Methods
CPL-03.5 - Assessment Rigor
CPL-03.6 - Evidence Request List (ERL)
CPL-03.7 - Evidence Sampling
CPL-09 - Control Reciprocity
CPL-10 - Control Inheritance
CPL-11 - Dual Use Technology
CPL-11.1 - USML or CCL Identification
CPL-11.2 - Export-Controlled Access Restrictions
CPL-11.3 - Export Activities Documentation
MON-18 - File Activity Monitoring (FAM)
CRY-13 - Cryptographic Hash
END-01.1 - Unified Endpoint Device Management (UEDM)
END-06.8 - Extended Detection & Response (XDR)
HRS-07.3 - Preventative Access Restriction
IAC-06.5 - Alternative Multi-Factor Authentication
IAC-10.14 - Passkeys
IAC-16.3 - Privileged Command Execution
IAC-16.4 - Dedicated Privileged Account
IAC-29.1 - Real-Time Access Decisions
IAC-29.2 - Access Profile Rules
PRM-02.1 - Prioritization To Address Evolving Risks & Threats
SEA-01.3 - Resilience Capabilities
SEA-22 - Privileged Environments
TDA-02.14 - Logging Syntax
TDA-06.6 - Software Design Root Cause Analysis
TDA-20.4 - Approved Code
Renamed Controls:
GOV-15.4 - Authorize Technology Assets, Applications and/or Services (TAAS)
GOV-17 - Cybersecurity & Data Protection Status Reporting
AST-15.1 - Technology Asset Inspections
BCD-11.3 - Recovery Images
BCD-12 - Technology Assets, Applications and/or Services (TAAS) Recovery & Reconstitution
CHG-02.3 - Cybersecurity & Data Protection Representative for Asset Lifecycle Changes
CLD-04 - Application Programming Interface (API) Security
CFG-02 - Secure Baseline Configurations
CRY-10 - Transmission of Cybersecurity & Data Protection Attributes
DCH-05 - Cybersecurity & Data Protection Attributes
DCH-13 - Use of External Technology Assets, Applications and/or Services (TAAS)
DCH-13.3 - Protecting Sensitive / Regulated Data on External Technology Assets, Applications and/or Services (TAAS)
DCH-13.4 - Non-Organizationally Owned Technology Assets, Applications and/or Services (TAAS)
HRS-06.2 - Post-Employment Requirements Awareness
HRS-09.3 - Post-Employment Requirements Notification
IAC-05 - Identification & Authentication for Third-Party Technology Assets, Applications and/or Services (TAAS)
IAC-10.9 - Multiple System Accounts
IAC-21.3 - Management Approval For Privileged Accounts
IRO-02.6 - Automatic Disabling of Technology Assets, Applications and/or Services (TAAS)
MDM-11 - Restricting Access To Authorized Technology Assets, Applications and/or Services (TAAS)
PES-01.1 - Physical Security Plan (PSP)
PRM-01 - Cybersecurity & Data Protection Portfolio Management
PRM-02 - Cybersecurity & Data Protection Resource Management
PRM-04 - Cybersecurity & Data Protection In Project Management
PRM-05 - Cybersecurity & Data Protection Requirements Definition
SEA-01.1 - Centralized Management of Cybersecurity & Data Protection Controls
SAT-01 - Cybersecurity & Data Protection-Minded Workforce
SAT-02 - Cybersecurity & Data Protection Awareness Training
SAT-03 - Role-Based Cybersecurity & Data Protection Training
SAT-03.4 - Vendor Cybersecurity & Data Protection Training
SAT-03.7 - Continuing Professional Education (CPE) - Cybersecurity & Data Protection Personnel
SAT-04 - Cybersecurity & Data Protection Training Records
TDA-09 - Cybersecurity & Data Protection Testing Throughout Development
TDA-17 - Unsupported Technology Assets, Applications and/or Services (TAAS)
Wordsmithed Controls:
GOV-05
GOV-05.1
GOV-05.2
GOV-11
GOV-13
GOV-14
GOV-15
GOV-15.1
GOV-15.2
GOV-15.3
GOV-15.4
GOV-15.5
GOV-17
AAT-02.2
AAT-24
AST-01.1
AST-01.2
AST-01.3
AST-02
AST-02.8
AST-03.2
AST-04.1
AST-04.2
AST-04.3
AST-06
AST-12
AST-15
AST-17
AST-26
AST-30
AST-31
BCD-01
BCD-02
BCD-06.1
BCD-11.7
BCD-12
BCD-12.1
BCD-12.2
BCD-12.4
CAP-02
CAP-04
CAP-05
CAP-06
CHG-02.3
CHG-04.3
CHG-06
CHG-06.1
CLD-01.1
CLD-04
CLD-07
CLD-13
CLD-13.1
CLD-13.2
CLD-14
CPL-01.2
CPL-03.1
CPL-03.2
CPL-05.2
CPL-06
CFG-02
CFG-02.2
CFG-02.5
CFG-06
CFG-08
MON-01.4
MON-01.7
MON-01.11
MON-02.5
MON-02.8
MON-02.9
MON-03
MON-03.6
MON-07
MON-16
CRY-10
DCH-02.1
DCH-03.3
DCH-05
DCH-05.1
DCH-05.2
DCH-05.3
DCH-05.4
DCH-05.5
DCH-05.6
DCH-05.7
DCH-05.8
DCH-05.10
DCH-05.11
DCH-10.2
DCH-11
DCH-13
DCH-13.1
DCH-13.3
DCH-13.4
DCH-14.1
DCH-14.2
DCH-24.1
EMB-02
EMB-03
END-01
END-03.2
END-04.1
END-05
END-06.5
END-06.6
END-14.1
HRS-02.1
HRS-05
HRS-05.3
HRS-05.7
HRS-06.2
HRS-08
HRS-09.2
HRS-09.3
HRS-10
HRS-12.1
HRS-13
IAC-01.3
IAC-05
IAC-06
IAC-08
IAC-09
IAC-10.9
IAC-13.1
IAC-16
IAC-20.2
IAC-20.7
IAC-21.6
IRO-01
IRO-02.3
IRO-02.6
IRO-07
IRO-09
IRO-09.1
IRO-10.1
IRO-10.3
IRO-10.4
IRO-10.5
IRO-11
IRO-12.3
IRO-13
IAO-01
IAO-01.1
IAO-02
IAO-02.1
IAO-03
IAO-06
IAO-07
MNT-02
MNT-03
MNT-03.1
MNT-03.2
MNT-04.3
MNT-05.6
MNT-06.2
MDM-02
MDM-06
MDM-11
NET-03.1
NET-03.7
NET-04.13
NET-05
NET-06
NET-14.5
NET-14.7
NET-16
NET-18.9
PES-01.1
PES-03.4
PES-05.2
PES-07.6
PES-08.3
PES-18
PRI-05.5
PRM-01
PRM-01.1
PRM-02
PRM-03
PRM-04
PRM-05
PRM-06
PRM-07
PRM-08
RSK-02
RSK-02.1
RSK-04
RSK-06.1
RSK-09
RSK-09.1
RSK-10
RSK-11
SEA-01
SEA-01.1
SEA-01.2
SEA-02
SEA-07.1
SEA-08.1
SEA-14
SEA-18
SEA-18.1
OPS-05
OPS-07
SAT-01
SAT-02
SAT-03
SAT-03.1
SAT-03.4
SAT-03.6
SAT-03.7
SAT-04
TDA-01.1
TDA-01.4
TDA-02
TDA-02.1
TDA-02.4
TDA-02.8
TDA-02.9
TDA-02.10
TDA-02.13
TDA-03.1
TDA-04
TDA-04.1
TDA-04.2
TDA-05
TDA-06.1
TDA-06.3
TDA-06.5
TDA-08
TDA-08.1
TDA-09
TDA-09.1
TDA-09.2
TDA-09.3
TDA-09.4
TDA-09.5
TDA-09.6
TDA-09.7
TDA-10.1
TDA-13
TDA-14.1
TDA-14.2
TDA-16
TDA-17
TDA-17.1
TDA-21
TDA-22
TDA-22.1
TPM-01.1
TPM-02
TPM-03
TPM-03.1
TPM-04
TPM-04.1
TPM-04.2
TPM-05
TPM-05.1
TPM-05.2
TPM-05.4
TPM-05.5
TPM-05.6
TPM-05.7
TPM-05.8
TPM-08
TPM-10
THR-06
VPM-05
VPM-06.8
VPM-07
VPM-10
WEB-02
Corrected Typo:
BCD-11
Updated:
AU Essential 8
    - IAC-21.2
CMMC Level 1
    - DCH-13.3
    - IAC-09
    - IAC-10
    - IAC-10.1
    - IAC-15
    - IAC-15.1
    - IAC-20
    - IAC-21
    - NET-02
    - NET-03
    - NET-14
    - NET-14.5
    - PES-01
    - PES-02.1
    - PES-03
    - PES-03.4
    - PES-04
    - PES-05
    - VPM-02
    - VPM-04
    - VPM-05
    - WEB-04
NIST 800-171 R2
    - CLD-01
    - CLD-02
    - DCH-01
    - DCH-17
    - END-01
    - HRS-01
    - HRS-05
    - HRS-05.1
    - HRS-05.2
    - IAC-01
    - IAC-08
    - NET-01
    - TPM-01
    - WEB-01
ISO 42001:2023
    - GOV-01
    - GOV-01.1
    - AAT-01.1
    - AAT-02.1
    - AAT-04
    - AAT-07
    - AAT-07.3
    - AAT-09
    - AAT-17.3
    - CPL-02.1
    - IAO-05
    - RSK-01
    - RSK-06
    - OPS-01.1
    - TDA-01
NZ HSIF
    - TPM-01
    - TPM-04.1
    - TPM-05
    - TPM-08