This Proposed First Edition specifies a minimum set of cyber security controls for small and medium organizations. This Standard applies to organizations with less than 500 employees.

NOTE: This Standard may be applied by organizations with 500 or more employees.

Date posted: February 1, 2021
Comment due date: April 1, 2021