CYB 6010 · St. Francis College

Resources

Resources & Framework Alignment

Policy repository, standards references, and regulatory framework mapping for the SFC cybersecurity program.

Policy & Standards Repository

DocumentStatusVersion
Information Security PolicyDraft, pending board approval
v0.9
Incident Response PlanIn development, Month 3 target
Draft
Acceptable Use PolicyCurrent, revision scheduled
v2.1
Data Classification StandardPlanned, Month 6
-
Vendor Risk Management PolicyPlanned, Month 4
-

Framework Alignment

NIST Cybersecurity Framework 2.0

Govern · Identify · Protect · Detect · Respond · Recover

Primary governance structure

ISO/IEC 27001:2022

Annex A.6, A.8, A.15

ISMS design principles

FERPA

Student education records

Mandatory compliance

NY SHIELD Act

Breach notification

State regulatory requirement

CISA Education Sector Guidance

Critical infrastructure subsector

Baseline posture reference

NIST CSF 2.0 mapping

Govern

Identify

Protect

Detect

Respond

Recover

Primary alignment: Govern (board charter, RACI) · Protect (MFA, training) · Detect (SIEM, MTTD) · Respond (IR playbook) · Recover (backup validation)

Framework alignment

NIST Cybersecurity Framework 2.0 · Primary governance structure
ISO/IEC 27001:2022 · ISMS design principles
FERPA · Mandatory compliance
NY SHIELD Act · State regulatory requirement
CISA Education Sector Guidance · Baseline posture reference

St. Francis College Cybersecurity Governance Portal · CYB 6010 · For executive and board use