Implementation Guidance
ABOUT THE FRAMEWORK | FRAMEWORK CORE | IMPLEMENTATION GUIDANCE | TEMPLATES AND TOOLS
Framework Implementation Guide 2.0
The Trusted CI Framework Implementation Guide (FIG) version 2.0 is in development. This updated guide will include our lessons learned over six Framework Cohorts, as well as more detailed roadmaps to help organizations make progress on the 16 Musts. The Framework Implementation Guide v2.0 will be released chapter by chapter over the coming years.
Key Features of the Update:
Updated content reflecting Trusted CI’s most up-to-date guidance.
Templates and Tools paired with each Must to help organizations implement each Must.
A running example, SasqWATCH, showcasing one approach a research organization could take to implement each Must.
Community-informed revisions to ensure practical applicability.
We invite organizations to engage with each release as it becomes available and to contribute feedback that will help shape future iterations. To be notified about new chapter releases, join the Trusted CI Announcement list.
The Framework Implementation Guide version 1.0 is available on Zenodo:
Revised FIG Chapters
Introduction
Must 1: Mission Focus
Must 2: Stakeholders & Obligations
Must 3: Information Assets
Must 4: Asset Classification
Must 5: Leadership
Must 6: Risk Acceptance
Must 7: Cybersecurity Lead
Must 8: Comprehensive Application
Must 9: Policy
Must 10: Evaluation & Refinement
Must 12: Budget
Must 13: Personnel
Must 14: External Resources
🆕 Must 15: Baseline Control Set
Must 16: Additional & Alternate Controls
We want to hear from you! Trusted CI will revise and refine the Framework Implementation and its templates and tools based on community feedback and experiences.
Submit your feedback and experiences through our linked Google Form.
For other inquiries, reach us at framework@trustedci.org.