|
For Immediate Release
Contact:
Craig Isaacs
UNIFIED COMPLIANCE FRAMEWORK ADDS HARMONIZED CROSS PLATFORM CONFIGURATION MANAGEMENT CONTROLS TO EASE REGULATORY COMPLIANCE
UCF Controls Set the Standard: Adopted by CA, NetIQ, and More OAKLAND, CA - March 19, 2008 -Network Frontiers, the leader in IT regulatory compliance management, today announced the availability of the Q1 2008 Unified Compliance Framework (UCF), the first independent database to simplify IT compliance. This latest version of the UCF harmonizes cross platform configuration management controls into a single set of harmonized controls, furthering UCF as the standard approach to integrated compliance. UCF acts as the cornerstone of IT compliance, mapping hundreds of regulations, including PCI-DSS (Payment Card), Sarbanes-Oxley, HIPAA, CobiT, and NIST, into a master hierarchal framework. "Our approach is unique: only the UCF harmonizes IT controls from over 400 international regulatory requirements, standards, and guidelines from both technical and legal perspectives," stated Dorian Cougias, CTO of Network Frontiers. "Rather than testing and asserting compliance for each individual regulation, IT organizations use the UCF to save an incredible amount of time and money by distilling compliance requirements to their essence and asserting compliance across multiple authority documents simultaneously." The UCF approach has set a new standard for compliance management and has been adopted by the industry's leading compliance management systems. Since UCF was first introduced to the market in 2006, Network Frontiers has examined and categorized 13,865 individual controls and has achieved more than an 83% harmonized reduction rate. Solid research, referencing, fact checking, and editorial methodologies have contributed to UCF's success, and its growth has been spurred through product integration with industry leaders including Computer Associates and NetIQ. "CA GRC Manager integrates the Unified Compliance Framework as an essential resource for the mapping of current controls and regulations as well as the rapid support of future compliance requirements," said Marc Camm, vice president of governance, risk and compliance products at CA. "CA GRC Manager offers a centralized system to create and store policies, ensure compliance with those policies and manage the risks associated with non-compliance. Since the UCF harmonizes thousands of controls, our customers are able to simplify compliance and proactively address new and updated regulations, resulting in a more comprehensive and cost-effective enterprise compliance program." "NetIQ's Secure Configuration Manager is a best-of-breed solution that gives customers fully automated compliance management capabilities," said Matt Ulery, director of product management at NetIQ, an Attachmate business. "We selected the Unified Compliance Framework because it is the standard for integrated compliance. The UCF allows us to deliver the leading controls content and focus on our core competency of delivering IT and security management solutions." The UCF organizes real-world IT processes into 12 IT Impact Zones. Each zone deals with one area of policies, standards, and procedures, such as Audits and Risk Management or Systems Continuity. Within each IT Impact Zone, a company can map the overlap between multiple authority documents, create a control list for each impact zone, and clarify any conflicts created by overlapping authority documents. With the new configuration management controls, UCF is further strengthening the ability to centralize IT compliance management. Compliance requirements are continuously changing and growing, and the UCF continues to increase the breadth and depth of legal coverage of technical requirements. A complete list of currently tracked authority documents can be found here. Authority documents currently being added to the Unified Compliance Framework can be found here. About the UCF The Unified Compliance Framework is the first independent initiative to exclusively support IT compliance management by focusing on commonalities across regulations, standards-based development, and simplified architectures. Unified Compliance's strategic approach to IT compliance reduces cost, limits liability, and leverages the value of compliance-related technologies and services across the enterprise. The UCF simplifies compliance and standards through a harmonized set of controls within which all regulatory standards and best practices can be mapped. Currently, more than 400 individual international regulations, standards, and best practices have been mapped to the UCF, including Sarbanes-Oxley, HIPAA, PCI-DSS, Visa CISP, Amex DSS, MasterCard EC Architecture Best Practices, Basel II, Gramm-Leach-Bliley, FERC, ISO 15489, and CobiT. The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Latham and Watkins, which oversees all legal aspects of the UCF. More information can be found at www.unifiedcompliance.com. About Network Frontiers Since 1992, Network Frontiers has been at the forefront of IT best practices and author of numerous books, including The Compliance Book and the award-winning Backup Book: Disaster Recovery from Desktop to Data Center. The content and methodology of the Unified Compliance Framework is the result of Network Frontiers in-depth understanding of IT regulations and standards as well as real-world experience consulting for clients, publications, and vendors in the mission-critical IT arena. For more information, visit www.netfrontiers.com. # # # |
UCF Adds Harmonized Cross Platform Configuration Management Controls