What is UCF

• What is the UCF?
• Who developed the Unified Compliance Framework?
• Using the Impact Matrices
• Currently tracked authority documents
• Documents being added

The 12 Impact Zones

• Acquisition of technology and services
• Audits and risk management
• Design and implementation
• Human resources management
• Leadership and high level objectives
• Monitoring and measurement
• Operational management
• Physical and environmental protection
• Privacy protection for information and data
• Records management
• Systems continuity
• Technical security
• FAQs
• Corporate Edition License Agreement
• Personal Edition License Agreement
• What is the difference between "Personal Edition" and "Corporate Edition"
• Can we upgrade from the "Personal Edition to the "Corporate Edition"?
• Will we get updates for the matrices?
• What happens after the first year?

IT Compliance Toolbox

• Say What You Do
• Say What You Do Toolkit
• Say What You Do eBook
• Say What You Do eBook Bundle
• Forms, Templates & Samples
• Free IT Policy Guide
• Effective technical communication
• Eats, shoots, and leaves
• Does you use correct grammar?
• Word choices
• Audience, clarity, logic, and brevity
• Inclusive modeling -- how to diagram your processes
• Frameworks
• How capability maturity relates to frameworks
• Why it is a bad idea to cut and paste from the standards
• A guideline for scoping controls
• Analyzing the acceptance of framework controls
• The major frameworks used for establishing IT controls
• Policies
• Creating policies
• Procedures
• Documenting your procedures
• Standards
• Documenting organizational standards
• Authors
• Marcelo Halpern
• Dorian J. Cougias
• Rebecca Herold, CISSP, CISA, CISM, FLMI
• Change Management
• The Change Management Toolkit
• Articles
• The classification table
• A definition of change management
• In order to manage change, you'll need a change model
• The Request For Change (RFC)
• Establishing the change management team
• Change logging and managing the change process
• Auditing your change management program
• Language of Compliance
• Acronyms
• Definitions
• Field Editor Signup
• Spotlight Definitions
• Major Organizations
• What are the principles that are behind all of this "compliance stuff?"
• A list of controls
• Regulations, principles, standards, guidelines, and controls
• Information Security vs. Information Assurance
• Systems and Information Classification
• Administrative Management
• Facilities, Fleet, and Equipment Management
• Help Desk Services
• Physical Security Management
• Travel
• Workplace Policy Development and Management
• Compliance Development and Enforcement
• Policies, Standards, and Procedures Publication
• Policy and Guidance Development
• Public Comment Tracking
• Regulatory Creation
• Inspections and Auditing
• Standards Setting/Reporting Guideline Development
• Controls and Oversight
• Program Monitoring
• Corrective Action
• Program Evaluation
• Credit and Insurance
• Direct Loans
• Loan Guarantees
• General Insurance
• Education
• Elementary, Secondary, and Vocational Education
• Higher Education
• Financial Management
• Payments
• Collections and Receivables
• General Retirement and Disability Program Management
• Unemployment Compensation
• Asset & Liability Management
• Financial Reporting Information
• Budget & Finance
• Accounting
• General Organizational Support
• Staff Income Information
• Personal Identity and Authentication
• Benefits Entitlement Event Information
• Representative Payee Information
• Strategic Executive Functions
• Centralized Fiscal Operations
• Legal Functions
• General Executive Functions
• Property Management
• Centralized Personnel Management
• Goods and Services Creation and Management
• Goods and Services Production
• Facilities and Infrastructure Management
• Construction
• Healthcare
• Consumer Health and Safety
• Health Care Services
• Human Resources
• Benefits Management
• Personnel Management
• Payroll Management and Expense Reimbursement
• Resource Training and Development
• Security Clearance Management
• Staff Recruitment and Employment
• Labor Rights Management
• Worker Safety
• Information & Technology Management
• System Development
• Lifecycle/Change Management
• System Maintenance
• IT Infrastructure Maintenance
• IT Security
• Record Retention
• Information Management
• Internal Risk Management and Mitigation
• Contingency Planning
• Continuity of Operations
• Service Recovery
• Disaster Preparedness and Planning
• Emergency Response
• Law Enforcement
• Criminal Apprehension
• Criminal Investigation and Surveillance
• Citizen Protection
• Property Protection
• Crime Prevention
• Legal, Litigation, and Judicial
• Judicial Hearings
• Legal Defense
• Legal Investigation
• Legal Litigation
• Resolution Facilitation
• Permits and Licensing
• Planning and Resource Allocation
• Budget Execution
• Workforce Planning
• Management Improvement
• Research Operations
• Budget Formulation
• Capital Planning
• Enterprise Architecture
• Strategic Planning
• Public Affairs
• Product Outreach
• Public Relations
• Customer Services
• Official Information Dissemination
• Revenue Collection
• Debt Collection
• Staff Fee Collection
• Organizational Asset Sales
• Supply Chain Management
• Services Acquisition
• Advising and Consulting
• Knowledge Dissemination
• Goods Acquisition
• Inventory Control
• Logistics Management
• Third Party Relations
• Third Party Program Proposal Development
• Third Party Program Tracking
• Third Party Program Project Information
• Third Party Liaison

Other Pages

• Contact Us
• Privacy Statement
• Search
• About Us