Official UC blog

Compliance 2012: Harmonize Controls Or Pay The Price

Written by UCF | Jan 12, 2012 12:17:34 AM

LAFAYETTE, CA, January 12, 2012 -- 2011 was an outstanding year for Network Frontiers, the premier provider of IT Compliance mapping and creators of unifiedcompliance.com And 2012 is set to be another breakout year for the company, as tactical decisions made over the past 12 months have positioned Network Frontiers to once again provide exactly the information and solutions businesses will need to manage compliance in 2012.

The UCF maps IT controls from over 400 international regulatory requirements, standards and guidelines and is updated quarterly. Network Frontier's unique methodology transforms this massive compilation of data into a single set of straightforward requirements that clearly shows the many points where multiple regulations overlap, enabling businesses to quickly create a customized set of controls that fully leverage their existing compliance policies, processes, and tools.

Usage of the Unified Compliance Framework, the only industry-vetted compliance database, continues to grow in leaps and bounds as businesses increasingly see the financial and productivity value of harmonizing IT controls to cope with the ever-increasing complexity of regulatory demands. With eight of the fifteen largest software companies in the world now licensing the UCF, as well as twenty-five leading regulatory management solutions development partners, Network Frontiers continues to strengthen its leadership position.

Network Frontiers remains committed to providing the information and solutions that businesses will need to manage compliance in 2012, including monitored and triggered events, the Manual of Style, and free tools to guide and enhance companies' compliance planning and implementation.

Network Frontiers 2011 achievements include:

  • The addition of UCF Monitored Events which allows policy to directly influence technical implementation and establish clearly defined actions based on events, exactly as required by compliance law, standards, and security best practices. We added 117 new events organizations need to either monitor for, or react to, or both.
  • The joint release with LockPath of the first online Compliance Dictionary, drawing on methodology developed over almost a decade of supporting IT best practices. Accessible at no charge at ComplianceDictionary.com, the Compliance Dictionary is the only lexicon of its kind, online or off, and is standardized and searchable.
  • A deepened focus on Risk Assessment and Risk Management, in alliance with the broad movement towards risk based controls in regulatory demands and a growing interest in this methodology from our partners and enterprise clients.
  • The addition of 5334 Citation references and 43 Authority Documents. The new citations are mapped to just 1447 UCF Controls, a potential 3 to 1 reduction in audit steps an organization would have to follow in order to comply with the Authority Documents. In addition, we created 440 new Controls in the UCF database to support the new 5334 Citations.
  • Publication of The Unified Compliance GRC Manual of Style, available in both Word and PDF formats, to all UCF licensees. Even small variances in language, including misspellings and typos, can make it very difficult, and sometimes impossible, to properly configure the automated compliance tools many organizations now rely on.

“Looking forward, our new focus for 2012 includes connecting the best compliance, security, and monitoring tools through the UCF,” says Dorian Cougias, company co-founder. “Each application will communicate to the other applications, and the users of these tools will understand the legal and security implications of the entire system and, more importantly, any changes to the system.”

“2012 will also see a new Online Mapping Tool (OMT),” Cougias continued. “The OMT will allow all subject experts, content providers, and other third parties to quickly and easily generate content in a format similar to the UCF. Since the content uses our database schema -- our Framework -- it will work seamlessly across compliance, security, and monitoring tools.”

The UCF is the trusted source for business compliance management and has been licensed for use by industry leaders for use in their own governance, compliance and risk management solutions. UCF Partners now include Akibia, ANX, Archer, BWise, ControlScan, LockPath, Lumension, Microsoft, NetIQ, OpenPages, Prevari, and Wolters Kluver. Many more licensees will be announced when they have fully incorporated the UCF into their product offerings.

The UCF is also available for direct purchase, in spreadsheet format, from Network Frontiers. To request a free UCF spreadsheet sample, email sales@unifiedcompliance.com.

“2011 has been an incredible year for the Unified Compliance Framework,” says Craig Isaacs, CEO of Network Frontiers. “The number of applications leveraging the UCF -- and, more important, the number of UCF tables leveraged in these applications -- has increased dramatically. UCF customers will see the number of new applications leveraging the UCF nearly double within the next twelve months as the wave of new licensees from 2011 release their new or updated products.”

About Network Frontiers and the UCF

Since 1992, Network Frontiers has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance.

The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Latham and Watkins, which oversees all legal aspects of the UCF. More information can be found at unifiedcompliance.com.

About the Science of Compliance

By applying the scientific method to compliance -- rigorously testing best practices and methodologies as well as analyzing and organizing information into a rational format -- Network Frontiers has developed a logical approach to IT compliance that reduces cost, limits liability, simplifies the compliance process and leverages the value of related technologies and services across the enterprise.