Unified Compliance Unveils the Common Controls Hub

By   ISBuzz Team
Writer , Information Security Buzz | Mar 22, 2015 05:05 pm PST

SaaS Portal Eases Compliance Burden by Allowing Companies to Create Customized Control Sets and Compliance Templates in Seconds

Companies are still struggling to understand and implement the needed policies and controls to meet mounting compliance mandates. To help compliance professionals keep pace with the ever-evolving regulatory demands, confidently manage risk, and ease resource and budget barriers, Unified Compliance today announced the general availability of its Common Controls Hub built on the Unified Compliance Framework (UCF).

The UCF Common Controls Hub is the fastest and most effective tool for compliance mapping. It is so intuitive you can quickly get started — and all the resources we used to spend on this can now focus on generating more business,” said Carlos Pelaez, National Practice Leader at Coalfire Systems, Inc. “The speed at which I analyze regulations now is drastically improved. I can do in minutes what used to take several hours or days to accomplish.”

Widely recognized as the best way for any organization to determine its IT, privacy, physical security, records management, and supply chain requirements, Unified Compliance’s new, dynamic portal gives users rapid access to its massive data repository of more than 90,000 individual mandates from 800-plus laws and standards from around the globe. Sorting through the most up-to-date demands, figuring out which controls they need to implement, and understanding how they overlap is now a quick process with a few simple mouse clicks.

“LockPath has leveraged the Unified Compliance Framework from the beginning because it is the most complete and accurate resource for harmonized controls. The introduction of the Common Controls Hub moves all of that powerful knowledge to a streamlined SaaS solution that will drive massive cost and time reductions for organizations and help power the most advanced GRC products available on the market,” noted LockPath CEO Chris Caldwell.

The Common Controls Hub simplifies the need to locate, research, interpret, and reconcile new and evolving mandates by giving compliance professionals the ability to centrally scope, define and maintain regulatory demands online. Companies can now automatically compile custom, harmonized control lists in minutes by vertical industries, market segments and geographies. Easing the spreadsheet headache, the Common Controls Hub also empowers compliance professionals to:

  • Effortlessly integrate new mandates with existing controls
  • Reduce governance, risk and compliance (GRC) requirements to the bare minimum
  • Create an instant gap overlap analysis to drastically reduce audit requirements
  • Generate hundreds of custom compliance templates and checklists for organizational standards, policies, roles, events and more

“We are the first step in the compliance process. Hundreds of compliance professionals have come to us before selecting a GRC solution in order to socialize the concept of ‘Harmonized Compliance’ to their organizations,” said Craig Isaacs, UCF CEO. “Our previous spreadsheets and compliance templates were great, but they were also overwhelming in that EVERY Common Control was included on the spreadsheets and templates. Now, organizations can see only those Common Controls that directly impact them.”

The UCF maps and identifies harmonized controls across authority documents, across industries including PCI for retailers, SOX for accounting practices, HIPAA for healthcare, NIST for the government, NERC for energy suppliers, etc. The UCF harmonization process alone typically results in a 65 percent reduction in the controls an organization needs to implement, generating massive compliance cost savings. With the addition of the online portal, companies can further drive down costs and refocus resources on more meaningful compliance tasks.

“As we move into 2015, the regulations and standards that address cybersecurity are only likely to increase and become more prescriptive,” added Mark Mitchell, Senior Vice President of Corporate Development at MetricStream. “Through our partnership with Unified Compliance, we’re looking to simplify the compliance burden by providing organizations with a comprehensive database of all major cybersecurity requirements, and helping them create a concise, harmonized list of compliance controls. This Common Controls Hub approach will save organizations considerable time, effort, and resources when it comes to cybersecurity compliance and, more importantly, will improve the efficiency and effectiveness of their overall Governance, Risk Management, and Compliance programs.”

The UCF’s patented GRC framework is used as a core component of advanced GRC solutions by leading software publishers, certified auditors and consultants worldwide.

“We always knew compliance would become an unsurmountable challenge without a new management method based on proven scientific principles,” noted Dorian Cougias, compliance scientist and co-founder of the UCF. “Our scientific methodology for mapping mandates into a common framework has enabled accurate identification of the overlaps across multiple authority documents for more than a decade, but, just like science, we continue to evolve.”

Pricing and Availability

The Common Controls Hub is now available as a free compliance research tool for users to research up to five authority documents at a time. Subscriptions to the Common Controls Hub are based on common controls access, custom compliance template creation and number of users. Corporate subscriptions start at $4,995.

About Unified Compliance and the UCF

Since 1992, Unified Compliance has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance. The UCF® was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF. Unified Compliance was recently granted the first-ever patent for a Governance, Risk, and Compliance (GRC) framework. The UCF was honored with a 2014 GRC Technology Innovation Award by independent GRC analyst firm, GRC 20/20. More information can be found at www.unifiedcompliance.com and commoncontrolshub.com/.