News & Events


Press Releases


Unified Compliance Unveils the Common Controls Hub
SaaS Portal Eases Compliance Burden by Allowing Companies to Create Customized Control Sets and Compliance Templates in Seconds

TRUSTe Announces General Availability of Assessment Manager for Enterprises to Streamline Data Privacy Management with Automation
Further Expands Privacy Content Library via New Partnership with UCF to incorporate more than 800 International Regulatory Requirements, Standards, and Guidelines

MetricStream's and Unified Compliance Announce New Cybersecurity Hub
The Hub will be the first of its kind, enabling companies to quickly scope, define, and maintain all major cybersecurity requirements and frameworks in one place

Unified Compliance Taps Coalfire as First Audit Partner
Premier Provider of compliance mapping and creators of the UCF enlists Coalfire for audit and cyber risk expertise

Unified Compliance and the Center for Internet Security Collaboration Enables Enhanced GRC Automation
Best Practice Security Configuration Control Guidance for Windows 8, Windows Server 2013, iOS 7, IE 10, and CentOS 6

Unified Compliance and ARMA Announce Collaboration
The UCF Integrates ARMA International's Generally Accepted Recordkeeping Principles Into Its Patented Framework

UCF® Receives 2014 GRC Technology Award from Independent Analyst Firm GRC 20/20 
3rd annual awards program recognizes game-changing technologies likely to impact the GRC market

UCF® Granted Patent for Ground-Breaking Compliance Methodology.
Patent Enables Automated Governance and Continuous Monitoring

UCF's New Interchange Format: the Smartest GRC Solution at RSA 2014
UCFi first to bridge the legal/technical divide, enabling continuous monitoring and auditing

The UCF Announces UCFinterchange to Support Cybersecurity.
New Interchange Format Enables Automated Audits with Continuous Monitoring

Dorian J. Cougias Appointed as U.S. Head of Delegation to the ISO/IEC JTC 1 Working Group
on Governance of IT Meeting

Meeting being held in Tokyo, August 18th through the 22nd

Network Frontiers' Unified Compliance Framework Licensed by TruOps GRC Hub
UCF Strengthens TruOps Risk, Compliance, and Policy Offering

Compliance 2012: Harmonize Controls or Pay the Price
Network Frontiers' Unified Compliance Framework Is Built For The Future

Network Frontiers and LockPath Release Free Online Compliance Dictionary
First Comprehensive Regulatory Dictionary Aims to End Compliance Language Confusion

GRC and Security Unified for the First Time with Network Frontiers' Monitored Events
Unified Compliance Framework Q1 2011 Update Released

Network Frontiers Cures Compliance Misery
Q4 2010 Unified Compliance Framework Focuses on Healthcare

Network Frontiers Leverages UCF Open Data Format
Q3 2010 Unified Compliance Framework Update Includes Content from CIS, CSA



When it Comes to Controls and Compliance, Fix Once and Comply with Many:  Brian Musthaler, Security Bistro

Unifying Compliance Initiatives to Make Budgets Last: Ericka Chickowski, Dark Reading

GRC is About to See Its FutureDavid Schneier, Regulatory Reality, A SearchFinancialSecurity blog

[Interview] The Compliance Challenge for IT: Building a Framework of IT Controls, Policies, Compliance and Procedures: Nymity Interview with Dorian Cougias, Lead Analyst of the UCF,




WEBINAR: Consolidate PCI + SOC based assessments - Powered by the Unified Compliance Framework®

Thu, Apr 30, 2015 10:00 AM - 11:00 AM PDT


Cloud service providers (CSPs) are an intersection of many industry and government security and compliance requirements based on the variety of client organizations that leverage a cloud provider. As such CSPs need to meet various audit standards, acquire certifications, and provide reports to clients to ensure the integrity, privacy and security of customer data.

Get the most out of your auditing investment by adapting your deliverables so they meet more than one compliance requirement.

In this webinar, we’ll show how a SOC audit coupled with a PCI assessment helps save time and money by avoiding duplicate and time-consuming audits. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data.

SOC reports are designed to help service organizations build trust and confidence in their service delivery processes and controls through a report by an independent CPA.

In this webinar, we'll cover:

• Why it’s important to consider SOC and PCI-based assessments;
• Identifying and managing regulatory risk with less time and effort;
• Reducing risk, increasing transparency, and making audits easier;
• Creating a legally defensible framework.

Learn how compliance can be even more streamlined with the Unified Compliance Framework. We’ll show you how to simplify and centralize your compliance efforts with the only patented, industry-vetted compliance database framework.