Equifax is furthering its commitment to transparency in cybersecurity by making its security and privacy controls framework public for the benefit of security and privacy teams at organizations of all sizes.
Five core capabilities — cybersecurity, privacy, fraud prevention, crisis management and physical security — are represented in Equifax’s unified security and privacy controls framework. Equifax selected the National Institute ofStandards and Technology’s Cybersecurity Framework (NIST CSF) and Privacy Framework (NIST PF) as the foundation for its security and privacy controls because these guidelines support a comprehensive, defense-in-depth approach to security and privacy. Their flexible, risk-based structure can also be tailored to meet a company’s specific needs.
The Equifax security and privacy controls framework can be found on controlsframework.equifax.com.
