Skip to content

frameworks

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

frameworks

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
AICPA_soc-for-cybersecurity-brochure.md
AICPA_soc-for-cybersecurity-brochure.md
 
 
AWS_CIS_Foundations_Benchmark.md
AWS_CIS_Foundations_Benchmark.md
 
 
CIS_Controls.md
CIS_Controls.md
 
 
CIS_Controls_7_1_Mapping_to_Implementation_Groups.csv
CIS_Controls_7_1_Mapping_to_Implementation_Groups.csv
 
 
CIS_Controls_7_1_Mapping_to_Implementation_Groups.md
CIS_Controls_7_1_Mapping_to_Implementation_Groups.md
 
 
CIS_Controls_Cloud_Companion_Guide.md
CIS_Controls_Cloud_Companion_Guide.md
 
 
CIS_Controls_Version_7.md
CIS_Controls_Version_7.md
 
 
CIS_Controls_Version_7_1.md
CIS_Controls_Version_7_1.md
 
 
CIS_Controls_Version_7_cc.csv
CIS_Controls_Version_7_cc.csv
 
 
CIS_Controls_Version_7_cc.md
CIS_Controls_Version_7_cc.md
 
 
CIS_Controls_Version_8.csv
CIS_Controls_Version_8.csv
 
 
CIS_Controls_Version_8.md
CIS_Controls_Version_8.md
 
 
CIS_Controls_v8_Guide.md
CIS_Controls_v8_Guide.md
 
 
CSF 2.0 Implementation Examples.md
CSF 2.0 Implementation Examples.md
 
 
CSF 2.0-Implementation_Examples.csv
CSF 2.0-Implementation_Examples.csv
 
 
CSF 2.0-Implementation_Examples.md
CSF 2.0-Implementation_Examples.md
 
 
Cloud+Computing+Compliance+Controls+Catalogue+(C5).md
Cloud+Computing+Compliance+Controls+Catalogue+(C5).md
 
 
Description-Criteria.md
Description-Criteria.md
 
 
HIPAA_master_mapping.csv
HIPAA_master_mapping.csv
 
 
HIPAA_master_mapping.md
HIPAA_master_mapping.md
 
 
MITRE_ATTACK.md
MITRE_ATTACK.md
 
 
MITRE_D3FEND.md
MITRE_D3FEND.md
 
 
NIST.CSWP.29.md
NIST.CSWP.29.md
 
 
NIST.CSWP.32.ipd.md
NIST.CSWP.32.ipd.md
 
 
NIST.SP.1301.md
NIST.SP.1301.md
 
 
NIST.SP.1302.md
NIST.SP.1302.md
 
 
NIST.SP.1303.md
NIST.SP.1303.md
 
 
NIST_CSF.md
NIST_CSF.md
 
 
NIST_CSF_2.md
NIST_CSF_2.md
 
 
NIST_CSF__v1.1_2018-04-16.csv
NIST_CSF__v1.1_2018-04-16.csv
 
 
NIST_CSF__v1.1_2018-04-16.md
NIST_CSF__v1.1_2018-04-16.md
 
 
NIST_CSF_to_HIPAA_Mapping.csv
NIST_CSF_to_HIPAA_Mapping.csv
 
 
NIST_CSF_to_HIPAA_Mapping.md
NIST_CSF_to_HIPAA_Mapping.md
 
 
NIST_OSCAL.md
NIST_OSCAL.md
 
 
OPA_Open_Policy_Agent.md
OPA_Open_Policy_Agent.md
 
 
PCI_DSS_Summary_of_Changes_3_2_1.md
PCI_DSS_Summary_of_Changes_3_2_1.md
 
 
PCI_DSS_v3_2_1.md
PCI_DSS_v3_2_1.md
 
 
README.md
README.md
 
 
SOC2_Basics.md
SOC2_Basics.md
 
 
SOC_Overview_MSPAlliance_20181218.md
SOC_Overview_MSPAlliance_20181218.md
 
 
Secure_Controls_Framework_Repository.md
Secure_Controls_Framework_Repository.md
 
 
TSC_mapping_NIST_CSF.csv
TSC_mapping_NIST_CSF.csv
 
 
TSC_mapping_NIST_CSF.md
TSC_mapping_NIST_CSF.md
 
 
Understanding_SAQs_PCI_DSS_v3.md
Understanding_SAQs_PCI_DSS_v3.md
 
 
VSA CORE FINAL 2022.csv
VSA CORE FINAL 2022.csv
 
 
VSA CORE FINAL 2022.md
VSA CORE FINAL 2022.md
 
 
csf2.csv
csf2.csv
 
 
csf2.md
csf2.md
 
 
overview-aws-cloud-adoption-framework.md
overview-aws-cloud-adoption-framework.md
 
 

README.md

frameworks

Control frameworks, cross-framework mappings, and cloud-platform control catalogs. The largest bucket in the library.

Contents

Group Items
CIS Controls Versions 7, 7.1, 8 — full text, CSV catalogs, implementation-group mappings, cloud companion guide
NIST CSF 2.0 Implementation Examples (CSV + MD)
AICPA SOC for Cybersecurity brochure, Description Criteria
Cloud AWS CIS Foundations Benchmark, C5 (German cloud compliance catalogue)
Cross-framework mappings HIPAA master mapping, CSF↔SP 800-171 mapping (see also standards/)

Discovery

Filter CATALOG.csv by content_type=framework. CSV catalogs (.csv files here) are machine-readable control tables — parse directly for programmatic cross-mapping.

awk -F',' '$4=="framework"' ../CATALOG.csv

Notes

  • Licensed content excluded: ISO 27001/27002/27018/27701/22301, HITRUST CSF, and full PCI DSS v4.0.1 text are not in this library (license restrictions). Control catalog summaries and mappings referencing these frameworks may appear in research/ or standards/ where fair-use applies.
  • CSV files are the primary machine-readable surface here — prefer them over the Markdown equivalents for automated control lookup.