Framework Implementation Guide 2.0

The Trusted CI Framework Implementation Guide (FIG) version 2.0 is in development. This updated guide will include our lessons learned over six Framework Cohorts, as well as more detailed roadmaps to help organizations make progress on the 16 Musts. The Framework Implementation Guide v2.0 will be released chapter by chapter over the coming years.

Large All Pillars.png

Key Features of the Update:

  • Updated content reflecting Trusted CI’s most up-to-date guidance.

  • Templates and Tools paired with each Must to help organizations implement each Must.

  • A running example, SasqWATCH, showcasing one approach a research organization could take to implement each Must.

  • Community-informed revisions to ensure practical applicability.

We invite organizations to engage with each release as it becomes available and to contribute feedback that will help shape future iterations. To be notified about new chapter releases, join the Trusted CI Announcement list.

The Framework Implementation Guide version 1.0 is available on Zenodo:

Download The Framework Implementation Guide v1.0

Revised FIG Chapters

Introduction

Must 1: Mission Focus

Must 2: Stakeholders & Obligations

Must 3: Information Assets

Must 4: Asset Classification

Must 5: Leadership

Must 6: Risk Acceptance

Must 7: Cybersecurity Lead

Must 8: Comprehensive Application

 

Must 9: Policy

Must 10: Evaluation & Refinement

🆕 Must 11: Adequate Resources

Must 12: Budget

Must 13: Personnel

Must 14: External Resources

🆕 Must 15: Baseline Control Set

Must 16: Additional & Alternate Controls

🆕 Appendix S: SasqWATCH Fact Sheet


We want to hear from you! Trusted CI will revise and refine the Framework Implementation and its templates and tools based on community feedback and experiences.

Submit your feedback and experiences through our linked Google Form.

For other inquiries, reach us at framework@trustedci.org.