SCF Practitioner Training

About The SCF Practitioner Course

SCF Practitioners are SAICO-certified individuals who have the knowledge and skills to:    1. Implement SCF controls that align with the SCF recommended practices and structure; and    2. Maintain an organization’s cybersecurity and data protection program. The SCF Practitioner training course is designed to build a student’s existing knowledge of the following core concepts:    1. The structure and content of the Secure Controls Framework (SCF);    2. Scoping control applicability using the Unified Scoping Guide (USG);    3. Cybersecurity risk tolerance & materiality concepts;     4. Understanding Set Theory Relationship Mapping (STRM); and    5. An Introduction to the SCF Conformity Assessment Program (SCF CAP). Prerequisites include having familiarity with the following publications / resources:    o  What the Secure Controls Framework (SCF) (e.g., structure, content, uses, etc.);    o  Integrated Controls Management (ICM) Model;    o  SCF Cybersecurity & Data Privacy Capability Maturity Model (C|P-CMM);    o  SCF Cybersecurity & Data Privacy Risk Management Model (C|P-RMM);    o  Unified Scoping Guide (USG);    o  Cybersecurity risk tolerance & materiality concepts; and    o  NIST IR 8477 - Set Theory Relationship Mapping (STRM). It is beneficial to have knowledge of:    o SCF Conformity Assessment Program (SCF CAP); and    o Cybersecurity & Data Protection Assessment Standards (CDPAS). The SCF Practitioner knowledge exam consists of fifty (50) questions based on the course syllabus. A passing score of at least seventy percent (70%) is required to pass the knowledge exam and obtain certification as a SCF Practitioner. SCF Practitioner certifications are valid for a one (1) year period at which time, the certificate must be renewed or it is expired. The renewal process included paying a fee and taking a knowledge test to ensure the SCF Practitioner's continued proficiency in the subject matter.