SOX News

Unified Compliance Framework Adds Harmonized Cross Platform Configuration Management Controls to Ease Regulatory Compliance

(March 19, 2008)-- Network Frontiers, the leader in IT regulatory compliance management, announced the availability of the Q1 2008 Unified Compliance Framework (UCF), the first independent database to simplify IT compliance. This latest version of the UCF harmonizes cross platform configuration management controls into a single set of harmonized controls, furthering UCF as the standard approach to integrated compliance. UCF acts as the cornerstone of IT compliance, mapping hundreds of regulations, including PCI-DSS (Payment Card), Sarbanes-Oxley, HIPAA, CobiT, and NIST, into a master hierarchal framework.

“Our approach is unique: only the UCF harmonizes IT controls from over 400 international regulatory requirements, standards, and guidelines from both technical and legal perspectives,” stated Dorian Cougias, CTO of Network Frontiers. “Rather than testing and asserting compliance for each individual regulation, IT organizations use the UCF to save an incredible amount of time and money by distilling compliance requirements to their essence and asserting compliance across multiple authority documents simultaneously.”

The UCF approach has set a new standard for compliance management and has been adopted by the industry’s leading compliance management systems. Since UCF was first introduced to the market in 2006, Network Frontiers has examined and categorized 13,865 individual controls and has achieved more than an 83% harmonized reduction rate. Solid research, referencing, fact checking, and editorial methodologies have contributed to UCF’s success, and its growth has been spurred through product integration with industry leaders including Computer Associates and NetIQ.

“CA GRC Manager integrates the Unified Compliance Framework as an essential resource for the mapping of current controls and regulations as well as the rapid support of future compliance requirements,” said Marc Camm, vice president of governance, risk and compliance products at CA. “CA GRC Manager offers a centralized system to create and store policies, ensure compliance with those policies and manage the risks associated with non-compliance. Since the UCF harmonizes thousands of controls, our customers are able to simplify compliance and proactively address new and updated regulations, resulting in a more comprehensive and cost-effective enterprise compliance program.”

“NetIQ's Secure Configuration Manager is a best-of-breed solution that gives customers fully automated compliance management capabilities,” said Matt Ulery, director of product management at NetIQ, an Attachmate business. “We selected the Unified Compliance Framework because it is the standard for integrated compliance. The UCF allows us to deliver the leading controls content and focus on our core competency of delivering IT and security management solutions.”

The UCF organizes real-world IT processes into 12 IT Impact Zones. Each zone deals with one area of policies, standards, and procedures, such as Audits and Risk Management or Systems Continuity. Within each IT Impact Zone, a company can map the overlap between multiple authority documents, create a control list for each impact zone, and clarify any conflicts created by overlapping authority documents. With the new configuration management controls, UCF is further strengthening the ability to centralize IT compliance management.

Share or bookmarklet this web page at: