Governance Frameworks Portal
Policy & Guidance
Foundational documents, global compliance architectures, identity baselines, software supply-chain guidance, and legislative reference material organized into operational buckets.
Authoritative Frameworks
Department of Defense reference architecture for cybersecurity alignment.
Security and privacy control catalog for information systems and organizations.
Risk management framework for system authorization and continuous monitoring.
Original NIST cybersecurity framework reference baseline.
Current NIST cybersecurity framework with governance as a core function.
Cross-sector cyber performance goals for baseline resilience.
Information type and system categorization references, volumes 1 and 2 plus interagency working draft.
Commercial standard reference. Source-only to avoid unauthorized redistribution.
Zero-Trust Architecture
Canonical zero-trust architecture reference.
Federal maturity model for zero-trust capability planning.
Applied zero-trust implementation reference from NCCoE.
Cloud & Identity Baselines
Cloud identity and access management baseline risks.
Authentication and digital identity assurance guidance.
Statutory Regulatory Text
Administrative simplification reference for healthcare data handling.
Appendix A security standards matrix.
Implementation guidance for the HIPAA Security Rule.
Commercial payment-card standard portal. Source-only access.
Organizational Templates
Resource overview for applying the Cybersecurity Framework.
Use CSF and NIST overview resources as organizational adoption templates.
Supply Chain & Infrastructure
Security requirements for controlled unclassified information in nonfederal systems.
Secure software development framework for modern delivery pipelines.