# Support for Secure Controls Framework (SCF)

Sprinto now supports both the **Secure Controls Framework (SCF)** and the **Common Control Framework (CCF)**, giving your organisation flexibility in how you structure and manage compliance controls. This enables alignment with your internal GRC strategy while leveraging Sprinto’s automation and mapping capabilities.

***

### **Set the Default Control Pack During Signup**

When creating a new organisation via a signup link, you can predefine the default control pack that will be used for future framework activations.

To configure the default control pack:

1. Go to the **Signup Link** configuration screen.
2. Locate the **Default Control Pack** setting.
3. Choose one of the following options:
   * **CCF (Sprinto Default Controls)**
   * **SCF (Secure Controls Framework)**

Once set, all future framework activations for that organisation will default to the selected control pack—if the framework supports it.

***

### **View Enabled and Available Frameworks**

The **Frameworks** page has been redesigned for improved visibility and categorisation.

To access it:

1. Navigate to **Compliance > Frameworks**.
2. You’ll see two distinct sections:
   * **Enabled Frameworks** – Frameworks currently active in your account.
   * **Available Frameworks** – A library of additional frameworks you can activate.

Use the tabbed interface or toggles to switch between the two sections.

***

### **Enable Frameworks Using Control Pack Logic**

When enabling a new framework, Sprinto applies control mappings based on your organisation’s default control pack.

#### Mapping Logic:

* If the selected framework is compatible with your **default control pack** (SCF or CCF), that pack is applied automatically.
* If the framework **does not support** your default pack, Sprinto falls back to the next best compatible pack (typically CCF).

**Example:**

* If your organisation has SCF set as the default, and you enable **SOC 2**, Sprinto applies **SCF** controls (as SOC 2 supports both).
* If you enable a framework like **Rainbow**, which supports only CCF, Sprinto applies **CCF** controls by default.

#### To enable a framework:

1. Go to **Compliance > Frameworks**.
2. Go to the **Available** tab.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FAC5faYpCOo169MjRU9M0%2FScreenshot%202025-10-23%20at%2014.23.31.png?alt=media&#x26;token=f896a745-88fc-4669-982d-216a5fca30af" alt="" width="563"><figcaption></figcaption></figure>

3. Select the framework you wish to enable.
4. Click **Enable framework**.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FW5xdEF8golQcPIaLSGTj%2FScreenshot%202025-10-23%20at%2014.25.41.png?alt=media&#x26;token=0d1ed856-f8c2-4f11-8e2c-20a417eba38a" alt="" width="563"><figcaption></figcaption></figure>

5. Sprinto will apply the appropriate control pack based on your organisation’s settings.

***

### **Request a Custom Control Pack Mapping**

If you need to override the default control pack applied to a framework:

1. Raise a request in the **#special-ops** Slack channel (or via your support contact).
2. Specify the framework and the control pack you wish to apply.
3. The Sprinto team will update the mapping using internal tools.

{% hint style="warning" %}
Manual overrides are processed by Sprinto and may take up to 24 hours to complete.
{% endhint %}