Unified Compliance Framework Spreadsheets
The entire set of Unified Compliance Framework Spreadsheets, including the complete list of Authority Documents, all 13 Impact Zones, and a single spreadsheet with all UCF controls. The price includes a subscription to a full year of updates.

Single User

Corporate

$1,000.00

10,000.00

Metrics Management Toolkit
The Metrics Management Toolkit includes Implementing Metrics Management Guide, UCF Metrics spreadsheet, a project work breakdown structure (WBS), over 125 pre-defined metrics presentations and numerous templates. The price includes a subscription to a full year of updates.

Corporate

1,495.00

Media Disposal Toolkit
The Media Disposal Toolkit includes the Media Disposal Implementation Guide, UCF Media Disposal spreadsheet, a project work breakdown structure (WBS), and numerous templates. The price includes a subscription to a full year of updates. Limited time McCain Staffer special: was $129.95, now $99.95.

Corporate

99.95

Say What You Do Toolkit
No other policy and procedure framework focuses on ONLY the regulatory and contractual provisions that actually apply to you -- no more, no less. Use the Say What You Do Toolkit to protect your company from both risky compliance gaps and redundant, conflicting, and underperforming IT policies and procedures.

Single User

171.33

UCF Spreadsheet Bundle
All UCF Impact Zone Spreadsheets at a special discounted price. Save 38% by purchasing all UCF spreadsheets now.

Single User

Corporate

$1,000.00

10,000.00

Metrics Management Toolkit
The Metrics Management Toolkit includes Implementing Metrics Management Guide, UCF Metrics spreadsheet, a project work breakdown structure (WBS), over 125 pre-defined metrics presentations and numerous templates.

Corporate

1,495.00

Media Disposal Toolkit
The Media Disposal Toolkit includes the Media Disposal Implementation Guide, UCF Media Disposal spreadsheet, a project work breakdown structure (WBS), and numerous templates. The price includes a subscription to a full year of updates. Limited time McCain Staffer special: was $129.95, now $99.95.

Corporate

99.95

Acquisition of technology and services
This impact zone contains the controls necessary for the planning and documentation necessary when acquiring new hardware and software, including the assurance controls, cost controls, licensing controls, and testing controls necessary for compliance.

Single User

Corporate

125.00

1,250.00

Audits and Risk Management
This impact zone contains the controls necessary for establishing your internal audit and risk teams, conducting internal audits, and audit reporting.

Single User

Corporate

125.00

1,250.00

Configuration Management
This impact zone includes all the controls required for hardware and software configuration.

Single User

Corporate

125.00

1,250.00

Design and implementation
Whereas the acquisition impact zone covered what you need to know before you purchase hardware and software, the design and implementation impact zone covers all aspects of the design and implementation processes from the full project management standpoint to ensure that compliance is built in to the software or systems being designed.

Single User

Corporate

125.00

1,250.00

Human Resource Management
Many requirements now call for a full blown description of the IT organizational structure, and additional hiring practices such as security requirements. This impact zone begins with the hiring process and then moves through training, job descriptions, job performance, and the eventual end of cycle for staff members and third parties.

Single User

Corporate

125.00

1,250.00

Leadership and High Level Objectives
Beginning with the alignment of IT with the organization's strategies and tactics, this impact zone moves through the definitions of information classification, systems, organizing the compliance framework, and establishing a high level strategic plan for IT.

Single User

Corporate

125.00

1,250.00

Monitoring and Measurement
One of the keys to a successful compliance campaign is tracking your compliance. This means gathering the necessary evidence that you are doing your job. Therefore, this impact zone is concerned with monitoring and logging operations; risk, performance, and compliance monitoring and reporting.

Single User

Corporate

125.00

1,250.00

Operational Management
Operational management, as you might have guessed, is huge. It covers everything from roles and responsibilities though help desk operations, managing the IT configurations (systems hardening), capacity management, allocating costs, accountability, and all other day-to-day processes that keep an IT organization on track.

Single User

Corporate

125.00

1,250.00

Physical and environmental protection
This impact zone covers the IT facilities, the physical security of distributed IT assets, and the environmental controls necessary (such as power and air) for maintaining IT availability.

Single User

Corporate

125.00

1,250.00

Privacy protection for information and data
Privacy is one of our most cherished and valued assets. And yet, privacy breaches abound. This impact zone has the most controls (about a quarter of the total controls we have mapped so far!), and the most international controls by far. It covers the establishment of personal information collection boundaries, what you can and can't do with the information, and how you have to provide for the integrity and security of the information.

Single User

Corporate

125.00

1,250.00

Records Management
This impact zone covers computerized records as an integral part of each and every system. It also covers the definition and maintenance of your organization's records discovery program.

Single User

Corporate

125.00

1,250.00

Systems Continuity
Availability is one of the most critical aspects of information -- if it isn't available, the organization can't depend upon it. Therefore, this impact zone focuses on maintaining the continuity framework, establishing a continuity strategy, documenting continuity plans, alternate site preparations, and maintaining the continuity plan itself.

Single User

Corporate

125.00

1,250.00

Technical security
This impact zone contains the controls necessary for the planning and documentation necessary when acquiring new hardware and software, including the assurance controls, cost controls, licensing controls, and testing controls necessary for compliance.

Single User

Corporate

125.00

1,250.00

Say What You Do Toolkit
Other policy and procedure experts claim their methodologies are easy to use. But no other policy and procedure framework focuses on ONLY the regulatory and contractual provisions that actually apply to you -- no more, no less. Use this toolkit to protect your company from both risky compliance gaps and redundant, conflicting, and underperforming IT policies and procedures. Read More

Single User

171.33

Say What You Do eBook
Purchase just the eBook to get started. Read More

Single User

49.95

Say What You Do eBook Bundle
Purchase both the Say What You Do and Language of Compliance eBooks together and save 30%. Read More

Single User

55.93

Forms, Templates, and Samples
Learn how to write IT policies and procedures that meet actual regulatory and contractual requirements - no more and no less. Includes forms, worksheets, memos, Change Manager job description, and sample policies. Read More

Single User

34.95

Change Management Toolkit
Minimize downtime, understand the consequences of a change ahead of time, keep system documentation up-to-date, enforce system standards, and monitor the progress and effects of changes.

Single User

49.95

Systems and Information Classification
Do you know exactly which IT system supports which key information in your company? Compliance with every data protection regulation starts with categorizing your company's information. Use this standard to get a jump on mapping information to your IT systems.

Single User

49.95

The Language of Compliance ebook
The eBook is fully searchable, printable, and you can cut and paste from it.

Single User

29.95

The Language of Compliance MS Word version
The Microsoft Word version is fully editable, with CSS styles set in such a way that you can import the glossary into your favorite documentation system like PathWorks, Policy and Procedure Manager, RoboHelp, Flare, or even to your Sharepoint intranet server to share with your whole ofice!

Single User

79.95

The Language of Compliance ebook and Word version bundle
Buy both the e-book version and the MS Word version of the Language of Compliance and SAVE 30%!

Single User

79.93