Unified Compliance Confirms MetricStream as First Ever to Utilize Patented Real-time Risk and Compliance Framework API in IT GRC Software

September 20, 2016 | News/Articles, Press Releases

MetricStream is the first Governance, Risk, and Compliance (GRC) solution provider to take advantage of the Unified Compliance Framework's (UCF) real-time Common Controls Hub library of Authority Documents, Common Controls, and Audit Guidelines.

Lafayette, CA--September 14, 2016--Unified Compliance confirmed today that MetricStream, a market leader in GRC management applications, is the first Unified Compliance developer to ship the UCF Common Controls Hub (CCH) content within its IT GRC software, via the CCH API. This allows MetricStream’s IT GRC application to directly interface with the CCH’s content (Authority Documents, Citations, and Common Controls) enabling their customers to access Authority Document updates in real time as they become available.

“Today’s modern, global, and highly networked organization requires real time intelligence and information to support its IT compliance and Risk Management initiatives,” Vasant Balasubramanian, Senior Vice President of Product Management at MetricStream said. “The significant feature of this integration is that users will have direct access to the UCF Common Controls Hub™ for Authority Documents, Citations, Common Controls, Audit Questions, and more. The international regulations, standards, guidelines, and best practices of specific interest to customers’ organizations can now be automatically shared with the MetricStream GRC Libraries which can then be leveraged for compliance self-assessments and audits."

Craig Isaacs, CEO of Unified Compliance, said, “We are proud to partner with MetricStream as Unified Compliance’s first developer to integrate our content within its IT GRC solution via the CCH API. Previously, MetricStream loaded the UCF data into their application four times a year. Now UCF data will be brought directly into MetricStream’s app, definitely streamlining the whole Authority Document update process, and improving the efficiency and effectiveness of their customer’s overall Governance, Risk Management, and Compliance programs.”

The Common Controls Hub™, the SaaS portal to the Unified Compliance Framework® (UCF®), gives rapid access to a massive library of more than 200,000 individual mandates from 800+ international laws and standards. The Common Controls Hub API is the first API ever to allow access to a patented Governance, Risk, and Compliance framework. The API allows GRC vendors to access and write to the UCF Common Controls framework in order to build complex and robust products without the worry or hassle of having to map their own content. It also allows customers to have a single API license that lets them connect their selected Common Controls to Unified Compliance developers’ GRC apps without having to pay for UCF content licenses for each GRC tool or auditing partner.

# # #

About Unified Compliance and the UCF

Since 1992, Unified Compliance has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance. The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF.

Honored twice with a GRC Innovation Award for Technical Innovation in Regulatory Intelligence for Compliance Management by independent governance, risk, and compliance (GRC) analyst firm GRC 20/20 Research, the UCF provides targeted, harmonized research on what an organization needs to do — and not do — to achieve and maintain compliance with industry, government, and best practice demands.

The UCF’s architecture was specifically designed for the delivery of all of the information necessary to establish governance methodologies. Customers using the UCF data can document and leverage the links between harmonized controls, records, assets (and their configurations), events, metrics, and roles.

More information can be found at and

About MetricStream

MetricStream is the market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions. MetricStream solutions are used by leading global corporations in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-Tech and Manufacturing to manage their risk management programs, quality management processes, regulatory and industry-mandated compliance and other corporate governance initiatives. MetricStream’s customers include UBS, Société Générale, Pfizer, Philips, Cummins, Kellogg’s, Mondelez International, SanDisk, and NetApp. In May 2016 MetricStream was positioned as a leader in both IT Risk Management Solutions and IT Vendor Risk Management by Gartner. MetricStream also owns and operates the portal - the largest GRC advisory network and one of the largest GRC communities. MetricStream is headquartered in Palo Alto, California, USA (

Media Contact:

Jody Mack

US: (702) 371-3303