LAFAYETTE, Calif.--()--Network Frontiers, the premier provider of IT compliance mapping, today announced the release of the Q2 2010 Unified Compliance Framework quarterly update.
“Our compliance mappings confirm that 90% of requirements overlap. The customer benefits are clear: better information means less work to comply, audit and maintain GRC systems”
The Q2 2010 release incorporates all of the most current Common Configuration Enumerators as defined by NIST, MITRE, and the Common Configuration Enumeration (CCE) contribution network.
Network Frontiers' Unified Compliance Framework (UCF) harmonizes IT controls from over 400 international regulatory requirements, standards, and guidelines into a single set of straightforward requirements that clearly show the many points where global, state and industry regulations overlap, dramatically reducing the time, effort and cost associated with regulatory compliance efforts.
“Our compliance mappings confirm that 90% of requirements overlap. The customer benefits are clear: better information means less work to comply, audit and maintain GRC systems,” says Craig Isaacs, CEO of Network Frontiers. “That’s why industry leaders, including CA, Microsoft, Archer, OpenPages, BWise, Lumension, TruArx, NetIQ, and many others incorporate the UCF database in their GRC solutions.”
Configuration Management
The theme of the Q2 2010 update is configuration management: 15 of the 17 newly added or revised authority documents in the Q2 release focus specifically on the CCE criteria for a specified asset. These 15 authority documents represent 3,904 of the 4,311 newly added or revised citations, and account for all 246 new assets, 2,862 new configuration items, and 7,768 new configuration methods now included in the UCF database.
Government regulations and industry best practices require organizations to utilize configuration management processes to ensure compliance, automatically applying pre-defined policies across the entire enterprise and continuously auditing networks for changes to hardware, applications, and policies.
A slight change on a single system could move a compliant, secure enterprise into the danger zone of data breaches, fines, sanctions, expensive remediation, and/or an ugly public relations mess. Now that the UCF connects configuration management to the actual legal and contractual requirements, organizations will be able to find solutions to leverage the UCF to automate the entire compliance process from requirements to policies to procedures to live, automated, continuous testing.
The UCF is available in three versions: Basic (single-user), Corporate, and XML
Basic spreadsheet customers received updated spreadsheets. Corporate users received updated spreadsheets as well as hundreds of new UCF-based templates including Metrics, Roles, Policies, Standards, Procedures, Information Classification, and Audit Guideline documents, all of which will help organizations further reduce the cost and complexity of compliance. XML customers received all of the above, plus the database source.
The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Latham and Watkins, which oversees all legal aspects of the UCF. More information can be found at www.unifiedcompliance.com. For Sales, call 510.962.5195.
About Network Frontiers and the UCF
Since 1992, Network Frontiers has developed ground-breaking tools to support IT best practices with a special focus on regulatory compliance, metrics, systems continuity and governance. The Unified Compliance Framework (UCF) is Network Frontiers' flagship product. By focusing on commonalities across regulations, standards-based development, and simplified architectures, the UCF supports a strategic approach to IT compliance that reduces cost, limits liability, and leverages the value of compliance-related technologies and services across the enterprise. The UCF's content and methodology is the direct result of Network Frontiers deep understanding of IT regulations and standards and decades of experience consulting for clients, publications, and vendors in the mission-critical IT arena.
Facebook
Twitter
LinkedIn
Delicious
Reddit
StumbleUpon
Digg
MySpace
Newsvine
Google Bookmark
Yahoo! Bookmark
Email
Email 
