Organizations are responsible for complying with various local, national, and international laws, policies, rules, and regulations. Failure to comply with such requirements can lead to sanctions such as fines, loss of certifications, and disqualification from certain business activities. New laws are being passed, and existing regulations are being amended on a continuous basis. Organizations need to keep abreast of these changes, and their compliance programs must incorporate the changes for them to remain compliant. To say that the compliance process can be complicated is an understatement.
Laws, policies, rules, and regulations are published in the form of Authority Documents. Each Authority Document contains mandates that must be interpreted and applied. Although mandates often overlap, their wording can (and does) vary across documents. Furthermore, it isn't always enough to merely comply with a mandate. In most cases evidence must be gathered and conveyed that signifies that the organization has implemented methods and practices to achieve compliance.
The tools and resources provided by Unified Compliance The UCF is a tool provided by Unified Compliance.are designed to simplify the process of scoping, defining, and maintaining compliance and provide proof that a compliance methodology has been implemented. The Unified Compliance Framework (UCF) is an information framework designed to help client organizations achieve compliance. The UCF Mapping Team builds and maintains the UCF data through compliance mapping. Once an Authority Document is mapped, it is published to the Common Controls Hub (CCH), where subscribers can view and interpret the Authority Documents that are relevant to them.