Cyber Assessment Framework
Description
The NCSC Cyber Assessment Framework (CAF), developed by the UK's National Cyber Security Centre (NCSC), provides organizations with a structured and systematic way to assess and manage cybersecurity risks. It is particularly useful for organizations within critical national infrastructure (CNI) sectors but is flexible enough for broader application. The framework is built around four main objectives: managing security risk, protecting against cyber-attacks, detecting cyber events, and minimizing the impact of incidents.
Overview
The NCSC CAF is aimed at organizations that provide essential services or critical infrastructure, particularly those regulated by the UK's NIS regulations. Its purpose is to help these organizations improve their cybersecurity resilience by ensuring they manage cyber risks effectively and maintain compliance with regulatory requirements.
Related Cybersecurity Frameworks
23 NYCRR 500
Cybersecurity Regulation
Cybersecurity
Learn More
CC SRG
Cloud Computing Security Requirements Guide
Cybersecurity
Learn More
CCoP
Cloud Code of Practice
Cybersecurity
Learn More
CIS Controls
Center for Internet Security Controls
Cybersecurity
Learn More
CSA CCM
Cloud Controls Matrix
Cybersecurity
Learn More
Cyber Essentials
Cyber Essentials
Cybersecurity
Learn More