Publication of the Security Controls Framework v2.6

17 February 2022

We are pleased to share with you the publication of the Security Controls Framework (SCF) V2.6 Part 1 and Part 2. Both tracked-changed versions and clean versions can be found on the website.

The SCF Part 2 has been updated to include:

  • Guidance on compliance with security obligation G3.29 (the use of Private Keys to create Digital Signatures)
  • Appendix B updates to reflect references to the Principles and Indicators of Good Practice for Operators of Essential Services (OES) set out in the Cyber Assessment Framework (CAF) v3.0.

If you have any questions on the above, please contact

Thank you