Quickly compile Controls lists customized for your organization.
Figure out which controls overlap to reduce workload.
Nothing to Download or Install. No Credit Card Required. No Time Limit.
You get the call from the boss you have been dreading for weeks. “Jimmy, it’s time to add FISMA to our control set, and we need to be compliant in three weeks. GO!”
“Performing control and standards research could take several days in my old job, and there was always the concern that I might have missed some critical frameworks or entire regulations. With the UCF, I can do that same research and summarization in hours and have the confidence that any major framework, standard, or regulation was comprehensively reviewed. The UCF allows me to better focus my time on other important information security activities.”
“We’ve been using the UCF for several years and it has continued to be the single most powerful compliance and regulation resource we have. UCF allows you to focus your efforts, increasing speed of compliance activities and decreasing risk of incomplete or inconsistent strategies, policies and controls. Regardless of the size of your organization you will see an immediate value in incorporating the UCF into your program and processes.”
“The UCF has saved me countless hours of research on the Internet. Having direct access to the authority documents for standards, regulations and guidelines in one convenient location has helped me turn around compliance initiatives such as HIPAA compliance in a fraction of the time compared to what it used to take me prior to using the UCF.”
“We have used the UCF compliance package tool for many assessments! The availability to pull the governance requirements is outstanding especially for each State. We also use it for quick references with building specific test plans.The UCF compliance package is a tool that we would like to keep in our tool bag!”
“We both use the UCF and recommend it to our clients. I can’t think of an organization that we work with whose core business is keeping track of the myriad of regulations that affect IT, not just in the US but overseas, but many spend a lot of effort doing just that. Why bother, when the UCF does all of the hard work, and allows you to focus on actually implementing controls to reduce risk to your organization, rather than working out how to interpret legislation? If that isn’t enough praise, for the amount of work that has gone into the UCF, it is incredibly competitively priced. We got almost instant return on our investment in UCF licenses and you will too.”
“I have used the UCF for 6+ years now, first as a Consultant and later as a full time InfoSec manager responsible for Governance, Compliance, and controls. The UCF has helped me in Business Impact Analysis and Risk Analysis functions for my work. It has saved me countless hours and reduced the cost associated with managing the complexity of IT risk and compliance by standardizing on a common set of controls that map to all the regulations and policy mandates they need to comply with.”
“At Cint, we are using UCF as information source for our Legislation guidelines matrix covering many countries all around the world. As Cint is ISO 20252 certified, these guidelines are an important part of our quality management where we are ensuring we always comply with the local laws and restrictions. The UCF helps us to keep the Legislation matrix up-to-date in a fast and easy way.”
“GRC Sphere members have concluded that the Common Controls Hub provides the greatest strategic value for their GRC program initiatives, not only as the System-of-Record for their compliance management Centers-of-Excellence, but also through these astounding operational reductions: 60% reduction of Internal Controls, 40% reduction in Labor Overhead, 50% reduction in Labor Overhead associated with remediation/change requests, 30% reduction in Labor Overhead associated with prepping for an audit.”
“I’m one of your clients who recently upgraded to the corporate UCF. Kid in a candy store is all I can say.”
There are many benefits to the Starter Account:
• Use the free account as a fantastic compliance research tool.
• Sort through the most up-to-date compliance regulations
• Compile customized Common Controls lists in minutes
• Integrate new mandates with existing controls
• Drill down for fast access to important research on the regulations
• Do a gap/overlap analysis to figure out which controls overlap
• Saves time because we did the research, mapped the regulations, and distilled them all into a set of unique citations mapped to distinct common controls.
• Cuts your costs, streamlines compliance initiatives, and allows for faster, more informed decision-making.
• Highlights the overlaps and redundancies between controls to reduce requirements to the bare minimum needed to comply
• Shows which actions are required by each regulation
• Tracks compliance regulations and all Authority Documents, their changes, their individual issuers, and their terms and acronyms. Updated regularly.
• End-to-end transparency shows how the Authority Documents you are following connect to their citations, which connect to the appropriate controls, which connect to Assets, Roles, Events, etc.
A Basic Subscription includes 3 users, 5 Custom Builds (spreadsheet exports), and unlimited Authority Document comparisons.
A Basic Subscription may be upgraded by purchasing more builds for a one time cost of $99 each.
Purchase more subscriptions for as many additional users as needed for $99 each.
Add Custom Compliance Templates for $5,000/yr.
A build is generated based on the Authority Documents you've selected; then export and download curated, Excel spreadsheets that are customized to your company's requirements.
Download Custom Compliance Templates in MS Word too, if you have subscribed to them.
Scope: The Common Controls Hub integrates critical legal and technical data to meet the needs of compliance officials, subject area experts, and lawyers. Creation of customized controls lists takes only seconds by selecting the specific industries, market segments, and geographies that apply to your organization.
Define: Each mandate is transparently presented to allow you to customize any Common Control list to meet your specific geographic and vertical requirements.
Maintain: Automatically track the changes required by new or updated laws and quickly assess any incremental changes required, rather than having to complete an entirely new assessment.
Build Custom Compliance Templates to meet your organization’s compliance requirements. Some examples of these templates include:
• Auditing Process Roles & Responsibilities
• Business Continuity Plan Reporting
• Compliance Monitoring & Auditing Metrics
• Incident Handling Management
• Information Security Testing & Assessment
• Internal & External Audit Reporting
• IT Security
• Password Procedures
• Red Flags Monitoring
• Systems Implementation
• Systems Risk Monitoring & Testing
• Vulnerability Management
Add Custom Compliance Templates to your CCH subscription.
Use the Common Controls Hub to connect to the most popular GRC software.
The API add-on allows you to connect other software to the UCF via your Common Controls Hub account.