Standards Release
Release 2026.Q3
Assessment basis: NIST CSF 2.0, CIS Controls v8
- Reviewed
- July 13, 2026
- Published
- July 13, 2026
Release summary
This release documents the assessment basis for Legacy Core's 15-part readiness assessment as reviewed on July 13, 2026. The readiness assessment is built on NIST Cybersecurity Framework 2.0 and CIS Controls v8. This cycle also begins monitoring NIST IR 8374 Rev. 1 (final June 11, 2026) and California CCPA §7123(c) for future alignment review. Monitored frameworks are tracked only and are not part of the assessment basis.
Assessment Basis
Frameworks the 15-part readiness assessment is built on.
- View framework →
NIST Cybersecurity Framework(2.0)
NIST
- View framework →
CIS Controls(v8)
Center for Internet Security
Monitored
Frameworks tracked for future alignment review. Not part of the assessment basis.
- View framework →
NIST IR 8374 Rev. 1 — Ransomware Risk Management (CSF 2.0 Community Profile)(Rev. 1)
NIST
New this cycle. Final June 11, 2026, superseding the 2022 profile. Under review against the current 15-area readiness assessment.
- View framework →
California CCPA §7123(c)
State of California
18-control structure.