Developer: Unified Compliance Framework (UCF)
This package contains the following Excel spreadsheets:
Technical Security Excel spreadsheet
This impact zone begins with the need for establishing an access classification scheme, and moves through policies and procedures, network access point management, operating system access management, information flow enforcement, remote access management, encryption management, and managing intrusion detection/response.
Systems continuity spreadsheet
Availability is one of the most critical aspects of information -- if it isn't available, the organization can't depend upon it. Therefore, this impact zone focuses on maintaining the continuity framework, establishing a continuity strategy, documenting continuity plans, alternate site preparations, and maintaining the continuity plan itself.
Physical and environmental protection spreadsheet
This impact zone covers the IT facilities, the physical security of distributed IT assets, and the environmental controls necessary (such as power and air) for maintaining IT availability.
Operational management Excel spreadsheet
Operational management, as you might have guessed, is huge. It covers everything from roles and responsibilities though help desk operations, managing the IT configurations (systems hardening), capacity management, allocating costs, accountability, and all other day-to-day processes that keep an IT organization on track.
Monitoring and measurement Excel spreadsheet
One of the keys to a successful compliance campaign is tracking your compliance. This means gathering the necessary evidence that you are doing your job. Therefore, this impact zone is concerned with monitoring and logging operations; risk, performance, and compliance monitoring and reporting.
The Leadership and High Level Objectives Excel spreadsheet
Beginning with the alignment of IT with the organization's strategies and tactics, this impact zone moves through the definitions of information classification, systems, organizing the compliance framework, and establishing a high level strategic plan for IT.
Design and implementation Excel spreadsheet
Whereas the acquisition impact zone covered what you need to know before you purchase hardware and software, the design and implementation impact zone covers all aspects of the design and implementation processes from the full project management standpoint to ensure that compliance is built in to the software or systems being designed.
Human Resources Management Excel spreadsheet
Many requirements now call for a full blown description of the IT organizational structure, and additional hiring practices such as security requirements. This impact zone begins with the hiring process and then moves through training, job descriptions, job performance, and the eventual end of cycle for staff members and third parties.
Privacy of information and data Excel spreadsheet
Privacy is one of our most cherished and valued assets. And yet, privacy breaches abound. This impact zone has the most controls (about a quarter of the total controls we have mapped so far!), and the most international controls by far. It covers the establishment of personal information collection boundaries, what you can and can't do with the information, and how you have to provide for the integrity and security of the information.
Audits and risk management Excel spreadsheet
These are the necessary requirements for establishing your internal audit and risk teams, conducting internal audits, and audit reporting.
Acquisition of technology and services Excel spreadsheet
This impact zone contains the controls necessary for the planning and documentation necessary when acquiring new hardware and software, including the assurance controls, cost controls, licensing controls, and testing controls necessary for compliance.
Records management Excel spreadsheet
This impact zone covers computerized records as an integral part of each and every system. It also covers the definition and maintenance of your organization's records discovery program.
Allows to create a single point of control, assert compliance across multiple authority documents simultaneously, clarify conflicts, drill down for explanations and sources for each control.
The Unified Compliance Framework (UCF) is the first and largest independent initiative to map IT controls across international regulations, standards, and best practices. In simple terms this means that we can present the complex rules, standards, and policies you must follow in a simple Excel spreadsheet format with in-depth links for you to drill down for as much information as you need.
This allows your organization to focus on a strategic plan (which resources should be applied when and where) to comply with multiple regulatory bodies using the same team, tools, and funding. To this end, we help you do three things: map the overlap between multiple authority documents, create your control list for each impact zone, and clarify any conflicts created by overlapping authority documents.
Both documents have the same content, the difference is just the usage-right:
The "Single User" edition of our spreadsheets may only be used by one person and may not be copied or shared (e.g. via shared drive, posted on Sharepoint or other website, distributed through e-mail, etc.). You are granted the right to copy it to a backup device, but this backup device (e.g. CD-ROM, Flash drive, backup tape, etc.) may not be used by others to read or utilize the spreadsheets. The intellectual property (IP) remains with Network Frontiers LLC and Latham & Watkins LLP.
The "Corporate" edition grants you the right to copy and distribute the spreadsheet within your corporation. The intellectual property (IP) remains with Network Frontiers LLC and Latham & Watkins LLP.
Q: Can we upgrade from the "Single User" to the "Corporate" Edition?
A: Yes. Once you've purchased the Corporate Edition of the spreadsheets, send us an e-mail with the the transaction IDs from the purchase of EACH Single User Edition matrix and the transaction ID from the MATCHING Corporate Edition matrix and we'll process your rebate check and mail that to you.
Windows IT Pro:
A "great research and information
tool..."
Network World:
The UCF "could save you a lot of time as well as a
fair bit of money..."
University of Delaware PCI
Conference:
"I'm suggesting to my company that we become a sponsor for a
future conference."
Platform:
Windows XP / 2000 / 2003 or later. Requires Excel 97 or later.
Alternatively, you can order the product "UCF 12 Spreadsheet Bundle". It contains Acquisition of technology and services Excel spreadsheet, Audits and risk management Excel spreadsheet, Design and implementation Excel spreadsheet, Human Resources Management Excel spreadsheet, Leadership, high level objectives Excel spreadsheet, Monitoring and measurement Excel spreadsheet, Operational management Excel spreadsheet, Physical, environmental protection Excel spreadsheet, Privacy protection (information, data) Excel spreadsheet, Records management Excel spreadsheet, Systems continuity Excel spreadsheet, Technical Security Excel spreadsheet.
Additional Information: |
|||
| UCF 12 Spreadsheet Bundle Single User Edition | $1000.00 | Buy Online |
 |
| UCF 12 Spreadsheet Bundle Site (corporate) Edition | $10000.00 | Buy Online |
|
Information Resources Management, IRM