We are pleased to share with you the publication of the Agreed Interpretations V2.3 and the Security Controls Framework (SCF) V2.5 Part 1 and Part 2. Both tracked-changed versions and clean versions can be found on the website.
The Agreed Interpretations have been updated to include:
- An update to Section 4 to clarify requirements when utilising a cloud environment to provide Separation.
The SCF Part 2 has been updated to include:
- Updates to Part 2 Appendix B to include guidance on the use of cloud computing, including key points from the NCSC Cloud Security Principles.
- Minor update to Part 2 Appendix F to include a clarification in the scope of a Verification User Security Assessment.
If you have any questions on the above, please contact SSC@gemserv.com