SCF Professional CommunityEcosystem Participants and Professions

The Secure Controls Framework (SCF) Conformity Assessment Program (SCF CAP) fosters a collaborative ecosystem for organizations committed to cybersecurity and data privacy excellence. By becoming part of the SCF ecosystem, your organization gains access to innovative frameworks, industry recognition, and the opportunity to contribute to advancing global cybersecurity standards.

Steps to Join the SCF Ecosystem

  1. Determine Your Organization’s Role

    • Identify the specific role your organization seeks within the SCF ecosystem:
      • SCF Third-Party Assessment Organization (3PAO): Conducts assessments to validate compliance with SCF standards.
      • SCF Authorized Platform Organization (APO): Integrates SCF standards into technology platforms like Governance, Risk, and Compliance (GRC) tools.
      • SCF Registered Provider Organization (RPO): Offers professional services, including consulting and implementation support for SCF requirements.

  2. Application Submission

    • Complete the relevant application through The Cyber AB’s online platform, coming in April 2025.
    • Provide comprehensive organizational information, including:
      • Demographic Data: Location, size, and structure of your organization.
      • Firmographic Data: Industry, annual revenue, and operational scope.
      • Experiential Information: Key expertise, certifications, and past experience relevant to SCF roles.
      • Other Essential Business Data: Unique identifiers, operational history, and governance processes.
    • Your application also initiates an organizational background check to confirm your risk profile and readiness for ecosystem participation.

  3. Assessment and Authorization

    • For 3PAOs: Undergo a rigorous authorization and accreditation process overseen by The Cyber AB. This includes evaluations of technical capabilities, experience, and adherence to SCF standards.
    • For APOs: Participate in a conformity assessment managed by SAICO. Your platform will be assessed to ensure alignment with SCF’s meta-framework requirements.
    • For RPOs: Register to align with SCF’s professional standards and certify your organization’s capability to deliver SCF-related services.

  4. Agreement Execution

    • Sign agreements specifying your responsibilities, compliance with SCF CAP standards, and adherence to the SCF Code of Professional Conduct. Additional attestations may be required based on your role.

  5. Training and Certification

    • Complete any mandatory training or certification prerequisites facilitated by SAICO, ensuring that your personnel and processes meet SCF standards.

  6. Integration and Activation

    • Finalize integration through the SCF Connect platform, a centralized resource for accessing tools, resources, and the SCF ecosystem network.
    • Begin your operational role in the SCF ecosystem, supported by ongoing collaboration and updates.