Sign Up for the Common Controls Hub

Try It or Buy It?

Upgrade Your Basic Subscription

Create a Hub that fits your company's needs

    • $
    • 0
    • / YR
    • Quickly compile Controls lists customized for your organization.
    • Figure out which controls overlap to reduce workload.
    • Nothing to Download or Install. No Credit Card Required. No Time Limit.
    Sign Up For Free
  • Customizable
    • $
    • 4,995
    • / YR
    • 3 User Access
    • 5 Custom Builds
    • Authority Document Comparisons

    Customize your Basic Subscription

    Sign Up
  • Basic Subscription Includes

    • 3 User Access,
    • 5 Custom Builds,
    • Authority Document Comparisons

    • “The UCF Common Controls Hub is the fastest and most effective tool for compliance mapping. It is so intuitive you can quickly get started and all the resources we used to spend on this can now focus on generating more business. The speed at which I analyze regulations now is drastically improved. I can do in minutes what used to take several hours or days to accomplish.”

      Carlos Pelaez
      National Practice Leader Coalfire
    • “Performing control and standards research could take several days in my old job, and there was always the concern that I might have missed some critical frameworks or entire regulations. With the UCF, I can do that same research and summarization in hours and have the confidence that any major framework, standard, or regulation was comprehensively reviewed. The UCF allows me to better focus my time on other important information security activities.”

      Rudy Montoya
      Information Security and Regulatory Compliance Aspect Software
    • “We’ve been using the UCF for several years and it has continued to be the single most powerful compliance and regulation resource we have. UCF allows you to focus your efforts, increasing speed of compliance activities and decreasing risk of incomplete or inconsistent strategies, policies and controls. Regardless of the size of your organization you will see an immediate value in incorporating the UCF into your program and processes.”

      Michael Legary
      Chairman & Chief Strategy Officer Seccuris Inc.
    • “The UCF has saved me countless hours of research on the Internet. Having direct access to the authority documents for standards, regulations and guidelines in one convenient location has helped me turn around compliance initiatives such as HIPAA compliance in a fraction of the time compared to what it used to take me prior to using the UCF.”

      Edgar Cooke
      Manager Information Security & Compliance USAN
    • “We have used the UCF compliance package tool for many assessments! The availability to pull the governance requirements is outstanding especially for each State. We also use it for quick references with building specific test plans.The UCF compliance package is a tool that we would like to keep in our tool bag!”

      Steve Fisher
      IA SME Patchadvisor
    • “We both use the UCF and recommend it to our clients. I can’t think of an organization that we work with whose core business is keeping track of the myriad of regulations that affect IT, not just in the US but overseas, but many spend a lot of effort doing just that. Why bother, when the UCF does all of the hard work, and allows you to focus on actually implementing controls to reduce risk to your organization, rather than working out how to interpret legislation? If that isn’t enough praise, for the amount of work that has gone into the UCF, it is incredibly competitively priced. We got almost instant return on our investment in UCF licenses and you will too.”

      Aaron Weller
      CEO & Co-founder
      Concise Consulting
    • “I have used the UCF for 6+ years now, first as a Consultant and later as a full time InfoSec manager responsible for Governance, Compliance, and controls. The UCF has helped me in Business Impact Analysis and Risk Analysis functions for my work. It has saved me countless hours and reduced the cost associated with managing the complexity of IT risk and compliance by standardizing on a common set of controls that map to all the regulations and policy mandates they need to comply with.”

      Gary Everekyan
      VP, Information Security
      A large financial organization
    • “At Cint, we are using UCF as information source for our Legislation guidelines matrix covering many countries all around the world. As Cint is ISO 20252 certified, these guidelines are an important part of our quality management where we are ensuring we always comply with the local laws and restrictions. The UCF helps us to keep the Legislation matrix up-to-date in a fast and easy way.”

      Veronika Oudova
      Business Analyst/Quality Management Cint
    • “GRC Sphere members have concluded that the Common Controls Hub provides the greatest strategic value for their GRC program initiatives, not only as the System-of-Record for their compliance management Centers-of-Excellence, but also through these astounding operational reductions: 60% reduction of Internal Controls, 40% reduction in Labor Overhead, 50% reduction in Labor Overhead associated with remediation/change requests, 30% reduction in Labor Overhead associated with prepping for an audit.”

      Phil Wilson
      Architect; Member Programs & Services The GRC Sphere
    • “I'm one of your clients who recently upgraded to the corporate UCF. Kid in a candy store is all I can say.”

      Mark E. Potter
      Chief Information Security Officer Danya International, Inc.

Common Questions

    • Why should I sign up for the Starter Account?

      There are many benefits to the Starter Account:
      • Use the free account as a fantastic compliance research tool.
      • Sort through the most up-to-date compliance regulations
      • Compile customized Common Controls lists in minutes
      • Integrate new mandates with existing controls
      • Drill down for fast access to important research on the regulations
      • Do a gap/overlap analysis to figure out which controls overlap

    • What are the benefits to using the Common Controls Hub?

      • Saves time because we did the research, mapped the regulations, and distilled them all into a set of unique citations mapped to distinct common controls.
      • Cuts your costs, streamlines compliance initiatives, and allows for faster, more informed decision-making.
      • Highlights the overlaps and redundancies between controls to reduce requirements to the bare minimum needed to comply
      • Shows which actions are required by each regulation
      • Tracks compliance regulations and all Authority Documents, their changes, their individual issuers, and their terms and acronyms. Updated regularly.
      • End-to-end transparency shows how the Authority Documents you are following connect to their citations, which connect to the appropriate controls, which connect to Assets, Roles, Events, etc.

    • What do I get with a Basic Subscription?

      A Basic Subscription includes 3 users, 5 Custom Builds (spreadsheet exports), and unlimited Authority Document comparisons.

      A Basic Subscription may be upgraded by purchasing more builds for a one time cost of $99 each.

      Purchase more subscriptions for as many additional users as needed for $99 each.

      Add Custom Compliance Templates for $5,000/yr.

    • What is a Build?

      A build is generated based on the Authority Documents you've selected; then export and download curated, Excel spreadsheets that are customized to your company's requirements.

      Download Custom Compliance Templates in MS Word too, if you have subscribed to them.

    • What do you mean by Scope, Define, and Maintain?

      Scope: The Common Controls Hub integrates critical legal and technical data to meet the needs of compliance officials, subject area experts, and lawyers. Creation of customized controls lists takes only seconds by selecting the specific industries, market segments, and geographies that apply to your organization.

      Define: Each mandate is transparently presented to allow you to customize any Common Control list to meet your specific geographic and vertical requirements.

      Maintain: Automatically track the changes required by new or updated laws and quickly assess any incremental changes required, rather than having to complete an entirely new assessment.

    • What are Custom Compliance Templates?

      Build Custom Compliance Templates to meet your organization’s compliance requirements. Some examples of these templates include:
      • Auditing Process Roles &
      • Business Continuity Plan Reporting
      • Compliance Monitoring & Auditing
      • Incident Handling Management
      • Information Security Testing &
      • Internal & External Audit Reporting
      • IT Security
      • Password Procedures
      • Red Flags Monitoring
      • Systems Implementation
      • Systems Risk Monitoring & Testing
      • Vulnerability Management

      Add Custom Compliance Templates to your CCH subscription.

    • Does the Common Controls Hub replace my GRC software?

      Use the Common Controls Hub to connect to the most popular GRC software.

    • What is the API add-on?

      The API add-on allows you to connect other software to the UCF via your Common Controls Hub account.