Company Backgrounder

July 16, 2015

Who we are:

Since 1992, Unified Compliance® has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance.

By applying the scientific method to compliance — rigorously testing best practices and methodologies as well as analyzing and organizing information into a rational format — Unified Compliance has developed a logical approach to overall compliance that reduces cost, limits liability, simplifies the compliance process, and leverages the value of related technologies and services across the enterprise.

The Common Controls Hub™, our new SaaS portal built on the famous Unified Compliance Framework® (UCF), is our flagship product. The UCF's content and methodology is the direct result of our in depth understanding of regulations and standards and decades of experience consulting for clients, publications, and vendors in the mission-critical IT arena.

What we do:

The Common Controls Hub is unique; it was built on the famous UCF, the only industry-vetted compliance database framework that harmonizes intersecting controls from 800+ international regulatory requirements, standards, and guidelines. The Hub simplifies the need to research, interpret, and reconcile new and evolving mandates by giving compliance professionals the ability to centrally scope, define, maintain, and track regulatory demands online. The Common Controls Hub transforms a massive compilation of data into a set of straightforward requirements, customized to a company’s individual needs, that clearly show the many points where global, state, and industry regulations overlap.

Finding these redundancies enables an organization to reduce their regulatory burden typically by about 60%, and cut their compliance-related costs by 40-50%.

Who developed the UCF?

The UCF was created by Dorian Cougias, company co-founder and lead analyst, and his research partner, Marcelo
Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF.

Dorian Cougias is a recognized expert on the subject of IT compliance, a frequent speaker at technology conferences, and has authored many articles and several books, including The Compliance Book and The Language of Compliance.

As chief architect, Dorian designed the UCF specifically for the delivery of the information necessary to establish governance methodologies. That is what separates the UCF from all other models and GRC architectures — it is the only information architecture built on the solid ground of reality and the real world delivery of governance information. As a result, Unified Compliance has cornered the market with the largest, broadest compliance methodologies in the world, including methodologies for solid research, cross referencing glossary, fact checking, and editorial to maintain the high standards enjoyed by the customers and vendors of the UCF.

Media Coverage

The UCF was honored with a 2014 GRC Technology Innovation Award by independent GRC analyst firm, GRC 20/20. In addition, the UCF was granted the first ever patent for a GRC framework.

Gartner Research & Advisory firm highlighted the UCF in its Cool Vendors in Risk Management and Compliance. Gartner defines a cool vendor as a company “with innovative, impactful, and intriguing technologies or solutions which enable users to do things they couldn't do before,” and praised the UCF for providing a tool that “reduces complexity and cuts the costs of compliance and audit ...ensures a thorough legal review of the mappings to the authoritative sources” and is inexpensive ... “just about anyone can get some value from the UCF even if your organization has already put the effort into developing your proprietary mapping.”

Additionally, the UCF was cited as the “common language for overlapping compliance standards” by the IT Knowledge Exchange and was described as “an incredibly useful tool” by Paul Roberts, a senior analyst at The 451 Group, who stated “Vendors such as Archer Technologies, Microsoft, and OpenPages have all licensed UCF content for use in their GRC products, and we expect more to sign on as customers look for help cutting through the Gordian Knot of compliance mandates.”

David Schneier of wrote, “...and for those people who understand governance and are committed to advancing it from theory to practice, this is something akin to the Holy Grail.”

The UCF plays a critical role behind the scenes for the GRC industry. eWeek said, “Some of the best of these GRC tools, whether as stand-alone packages or integrated with larger enterprise management software, are based on the Unified Compliance Framework®.”

Partial Customer List

Agilent                                   JM Family Enterprises

AIG                                          Kaiser Permanente

Apple                                      KPMG

Aspect Software                 London Life Ins.

Bell State Bank & Trust     Nike

Boeing                                   Paylocity

Capella Healthcare            Proctor & Gamble

Cathay Bank                         Ryder Truck Rental

Crowe Horwath LLP          Seccuris, Inc.

Discover                                Travelers

First Advantage                   US Bank

Georgia State Univ.            Verifone

Grant Thornton, LLP          Walgreens

Honeywell                            WorldwideTechnology

Partial Vendor Partners List

Allgress                                  NetIQ

BWise                                     RSA Archer

CAaNES                                 SDG Corp

IBM OpenPages                  ServiceNow

LockPath                              Symantec

McAfee                                                Software AG

MetricStream                     TraceSecurity

Microsoft                              Wolters Kluwer