CybersecurityStandard

SACSF V2.0

South Australian Cyber Security Framework V2.0

The South Australian Cyber Security Framework (SACSF) is a cybersecurity governance framework developed by Security SA to help South Australian Government agencies manage cyber risks and protect information, systems, and digital services. It consists of 18 policy statements across four core principles—Governance, Information Security, Personnel Security, and Physical Security—and uses a four-tier risk-based approach to implement security controls proportionate to agency risk exposure.

Overview

The South Australian Cyber Security Framework (SACSF) is a government cybersecurity framework developed by Security SA to ensure cyber security is effectively managed across South Australian Government agencies. It provides a risk-based approach for protecting government infrastructure, digital assets, information, and services while allowing agencies flexibility in how they implement security controls to meet their specific operational needs.

The SACSF applies to South Australian public sector agencies defined under the Public Sector Act 2009 and is built around 18 policy statements that support four core principles: Governance, Information Security, Personnel Security, and Physical Security. The framework uses a four-tier implementation model, with each tier introducing progressively stronger security requirements based on the agency's risk exposure, ensuring that controls are proportionate to the level of risk.

The primary purpose of the SACSF is to help agencies identify, manage, and reduce cyber security risks while strengthening operational resilience and security governance. The framework is supported by standards, rulings, guidelines, templates, and implementation resources that address areas such as risk management, incident reporting, vulnerability management, awareness training, email security, and secure technology practices, enabling a consistent and scalable approach to cybersecurity across government.

The following principles are contained in this download: 1 Leadership 2 Organisational Structure and Staff Responsibilities 3 Risk Management 4 Policies, Procedures and Compliance 5 Supplier Management and Acquisition of Technology 6 Audit and Assurance 7 Information Asset Identification and Classification 8 Incident Management 9 Resilience and Service Continuity 10 Access to Information 11 Administrative Access 12 Robust ICT Systems and Operations 13 Vulnerability Management 14 Network Communications 15 Secure Software Development 16 Mobile Device Management & Remote Working 17 Personnel Security Lifecycle 18 Physical Security

Related in Cybersecurity

CybersecurityStandardFramework

CAIQ v4.1.0 — Consensus Assessment Initiative Questionnaire v4.1.0

The Consensus Assessments Initiative Questionnaire (CAIQ) v4.1.0 is a comprehensive cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate the security, privacy, and compliance practices of cloud service providers. It includes 261 assessment questions mapped to 207 controls across 17 security domains, supporting detailed vendor due diligence, third-party risk management, and cloud security assessments using a standardized industry framework.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityStandard

CAIQ Lite v4.1.0 — Consensus Assessments Initiative Questionnaire Lite v4.1.0

Consensus Assessments Initiative Questionnaire (CAIQ) Lite v4.1.0 is a streamlined cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate cloud service providers using a standardized approach. It includes 138 focused questions across 17 security domains, enabling efficient vendor due diligence, third-party risk management, and security posture assessments.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityFrameworkStandard

CCM v4.1 — Cloud Controls Matrix v4.1

The Cloud Controls Matrix (CCM) v4.1 is a cybersecurity control framework that consists of 207 controls across 17 security domains, specifically tailored for cloud security and privacy. The Consensus Assessment Initiative Questionnaire (CAIQ) accompanies the CCM, offering a set of assessment questions to evaluate security controls.

Cloud Security Alliance (CSA) • v4.1

View details
CybersecurityStandard

SOC-CMM — SOC-CMM Assessment Tool

The SOC-CMM model is a capability maturity model that can be used to perform a self-assessment of your Security Operations Center (SOC). The model is based on review conducted on literature regarding SOC setup and existing SOC models as well as literature on specific elements within a SOC. The literature analysis was then validated by questioning several Security Operations Centers in different sectors and on different maturity levels to determine which elements were actually in place. The output from the survey, combined with the initial analysis is the basis for this self-assessment. For more information regarding the scientific background and the literature used to create the SOC-CMM self-assessment tool, please refer to the thesis document as available through: https://www.soc-cmm.com/

SOC-CMM

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call