Unified Compliance Announces Common Controls Attestation Portal

March 3, 2016 | News/Articles

Unified Compliance Announces Common Controls Attestation Portal
Provides Instant Visibility into Third Party and Supply Chain Compliance Risk

Lafayette, CA—February 29, 2016   Unified Compliance, the premier provider of compliance mapping and creators of the Unified Compliance Framework® (UCF®) and the Common Controls Hub® (the SaaS front-end for the UCF) today announced the immediate availability of the API enabled Common Controls Attestation Portal which provides quick, centralized, real-time distribution and reporting of regulatory compliance adherence of third-party and supply chain members across multiple vertical industries.

Third-party and supply chain compliance risk management is mandated for most organizations. However distributing, reporting, and tracking of adherence to control lists is so painful that many organizations do not perform due diligence at all or with the necessary frequency.

Existing third-party and supply chain compliance risk management tools, as well as GRC tools, lack the capability of creating and distributing lists of Common Controls.

Existing audit management tools lack the capability of creating and distributing audit questions for lists of Common Controls.

The Portal fills this gap by providing the ability to create an Authority Document-based list of Common Controls and then share that list of Common Controls with as many third-parties and supply chain members as needed in only 5 steps. Recipients may then either self-assess their compliance with the controls or have an auditor certify compliance with the Common Controls and then automatically certify the Configuration Controls. Those attestations are immediately updated and available in the originator’s portal of the Common Controls Hub or may be sent through the API to any API-enabled audit management tool, third-party and supply chain compliance risk management tools, as well as GRC tools.

Responders can use a Common Controls Hub free trial account to view the Common Control requirements or pay USD 99.00 to respond with results. Audit management tools can also load audit questions, which would otherwise have to be manually created, directly from the API.

“The Common Controls Attestation Portal has made it possible to create a list of auditable Common Controls and efficiently route that list for self attestation purposes. Integration through the API with Total Compliance Tracking allows Internal Auditors to save time and resources, provides immediate status updates, and handles communication between your organization and a battery of different auditors during the attestation process” said Adam Goslin, CEO of Total Compliance Tracking.

The innovations of the API enabled Common Control Attestation Portal will go a long way to helping companies control their liability and gain visibility into third-party vulnerabilities which has become essential for effective vendor risk management.

                                                                                                                   # # #


About Unified Compliance and the UCF

Since 1992, Unified Compliance has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance. The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF.

Recently honored with a GRC Innovation Award for Technical Innovation in Regulatory Intelligence for Compliance Management by independent governance, risk, and compliance (GRC) analyst firm GRC 20/20 Research, the UCF provides targeted, harmonized research on what an organization needs to do — and not do — to achieve and maintain compliance with industry, government, and best practice demands.

The UCF’s architecture was specifically designed for the delivery of all of the information necessary to establish governance methodologies. Customers using the UCF can document and leverage the links between harmonized controls, records, assets (and their configurations), events, metrics, and roles.

More information can be found at and

About the Science of Compliance

By applying the scientific method to compliance — rigorously testing best practices and methodologies as well as analyzing and organizing information into a rational format — Unified Compliance has developed a logical approach to IT compliance that reduces cost, limits liability, simplifies the compliance process and leverages the value of related technologies and services across the enterprise.