- ABOUT THE UCF
- UCF Controls
- Research Sites List
- Authority Documents
- Authority Documents In-Depth Report
- Language of Compliance
- Metrics Standards
- Roles Definitions
- Monitored Events
- Compliance Docs
- Information Classification
- Audit Guidelines
- XML Database Files
- The Science of Compliance eBook
- Elements of Compliance
- UCF PRODUCTS
- FREE RESOURCES
UCF Content Providers
We work closely with these organizations to map their content into the UCF
ARMA International (www.arma.org) is a not-for-profit professional association and the authority on governing information. Formed in 1955, ARMA International is the oldest and largest association for the information management profession with a current international membership of nearly 27,000. ARMA International develops and publishes standards and guidelines related to information governance and is the creator of the Generally Accepted Recordkeeping Principles® and the Information Governance Assessment. More information at arma.org/principles.
|ASIS International is the preeminent organization for security professionals, with more than 38,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities, and the public.|
BITS is the technology policy division of The Financial Services Roundtable, which represents 100 of the largest integrated financial services companies providing banking, insurance, and investment products and services to the American consumer. BITS addresses issues at the intersection of financial services, technology and public policy, where industry cooperation serves the public good, such as critical infrastructure protection, fraud prevention, and the safety of financial services.
|CIS is a premier organization that improves global security posture by providing a valued and trusted environment for bridging the public and private sectors.The mission of the Center for Internet Security is to enhance the security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS serves a leadership role in the shaping of key security policies and decisions at the national and international levels.CIS provides its customers with resources that measurably improve their security effectiveness.|
|The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.|
|The Information Security Forum (ISF) is an independent, not-for-profit organisation with a Membership comprising many of the world's leading organisations featured on the Fortune 500 and Forbes 2000 lists. We are dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of our Members.|
|ISO (International Organization for Standardization) is the world’s largest developer of voluntary International Standards. International Standards give state of the art specifications for products, services and good practice, helping to make industry more efficient and effective. Developed through global consensus, they help to break down barriers to international trade.|
The North American Electric Reliability Corporation is a not-for-profit entity whose mission is to ensure the reliability of the Bulk-Power System in North America. NERC develops and enforces Reliability Standards; annually assesses seasonal and long-term reliability; monitors the Bulk-Power System through system awareness; and educates, trains and certifies industry personnel. As the electric reliability organization, NERC is subject to oversight by the Federal Energy Regulatory Commission and is under similar obligations in Canada, as well as a portion of Baja California Norte, Mexico.
|The mission of the international nonprofit NFPA, established in 1896, is to reduce the worldwide burden of fire and other hazards on the quality of life by providing and advocating consensus codes and standards, research, training, and education. The world's leading advocate of fire prevention and an authoritative source on public safety, NFPA develops, publishes, and disseminates more than 300 consensus codes and standards intended to minimize the possibility and effects of fire and other risks.|
|Founded in 1901 and now part of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major handicap to U.S. industrial competitiveness at the time—a second-rate measurement infrastructure that lagged behind the capabilities of England, Germany, and other economic rivals. Today, NIST measurements support the smallest of technologies—nanoscale devices so tiny that tens of thousands can fit on the end of a single human hair—to the largest and most complex of human-made creations, from earthquake-resistant skyscrapers to wide-body jetliners to global communication networks.|
|The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.|
The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.
Shared Assessments was created by leading financial institutions, the Big 4 accounting firms, and key service providers to inject standardization, consistency, speed, efficiency and cost savings into the vendor risk assessment process. Through membership in the Shared Assessments Member Forum and use of the Shared Assessments Tools (the Agreed Upon Procedures and the Standard Information Gathering questionnaire), Shared Assessments eliminates redundancies and creates efficiencies, giving all parties a faster, more efficient and less costly means of conducting rigorous and comprehensive risk, security, privacy and business continuity assessments.