cyris360-framework

CYRIS360 Cyber Risk Framework (CRF)

Setting up and operating a successful cybersecurity program can be overwhelming, particularly for small and medium businesses. That is why CYRIS360 has created the Cyber Risk Framework (CRF), as a modular set of work packages that can customized and tailored to your own organization .

The CRF include 8 loosly coupled work packages, grouped in 3 layers :

1. Cyber Risk Governance

1.1 Program & Metrics

1.2 Policy & Compliance

1.3 Training & Awareness

2. Cyber Risk Implementation

2.1 Corporate Security

2.2 Product Security

3. Cyber Risk Operations

3.1 Offensive Security

3.2 Vulnerability Management

3.3 Incident Management

Getting Started

You can check the guide in Getting Started. This include a step-by-step guide instruction, as well as answers to frequently asked questions. If you have any question or comments, you can submit it in the Discussion section.

Contributing

Want to contribute to CYRIS360 Framework ? That’s great! Please make sure you file an issue to discuss your proposal. Then you can push your proposal to a separate branch and open a pull request.

How to get your pull request accepted?

• Make sure your pull request is mapped to one and only one issue.
• Try to use commit messages that are self-explanatory.
• Make sure your local repo is in sync.
• If your contribution include a link to an external resource, please explain your relation with the referred domain owner.
• Promoting free or paid tools or services is not appreciated.
• Please make sure your read and comply with the code of conduct.

Support Us

You can show your support by:

• Starring this repo.
• Use and share with your network.

License

See License file.

This site is open source. Improve this page.