Introduced in 2014, the NIST Cybersecurity Framework (CSF) provided voluntary guidelines to help organizations improve their cybersecurity practices, quickly gaining adoption across industries. The release of CSF 1.1 in 2018 expanded its focus on supply chain risk management and enhanced guidance on authentication and identity proofing. The latest update, CSF 2.0, finalized in February 2024, introduces a new "Govern" function and refines core functions to address modern cybersecurity challenges, reinforcing its role in proactive risk management.

IT General Controls (ITGCs) are essential controls that govern all systems, processes, and applications within an organization’s IT environment, ensuring security and stability. Their main goals are to prevent unauthorized access, maintain data accuracy, and ensure system reliability, which directly affect data confidentiality, integrity, and availability. ITGCs provide a framework for managing IT risks and ensuring compliance with regulatory standards.