The innovations of the API-enabled Common Control Attestation Portal help companies control liability & gain visibility into third-party compliance/control status, which has become essential for effective vendor risk management.
Lafayette, CA (PRWEB) March 01, 2016
Unified Compliance, the premier provider of compliance mapping and creators of the Unified Compliance Framework® (UCF®) and the Common Controls Hub® (the SaaS front-end for the UCF) today announced the immediate availability of the API-enabled Common Controls Attestation Portal which provides quick, centralized, real-time distribution and reporting of regulatory compliance adherence of third-party and supply chain members across multiple vertical industries.
Third-party and supply chain compliance risk management is mandated for most organizations. However distributing, reporting, and tracking of adherence to control lists is so painful that many organizations do not perform due diligence at all or with the necessary frequency.
Existing third-party and supply chain compliance risk management tools, as well as GRC tools, lack the capability of creating and distributing lists of Common Controls. Existing audit management tools lack the capability of creating and distributing audit questions for lists of Common Controls.
The Common Controls Hub fills this gap by providing the ability to create an Authority Document-based list of Common Controls and then share that list of Common Controls with as many third-parties and supply chain members as needed in only 5 steps. Recipients may then either self-assess their compliance with the controls or work with an auditor to certify compliance, which can then be loaded through the self-assess process. Once attestations are updated into the Common Controls Hub, they are immediately updated and available in the originator’s portal of the Common Controls Hub. Responders can use a Common Controls Hub free trial account to view the Common Control requirements or pay USD 99.00 to respond manually with results.
These attestations can be streamlined through the use of the Common Controls Hub API from any API-enabled audit management tool, third-party and supply chain compliance risk management tools, as well as GRC tools. Audit management tools can dramatically streamline the assessment and compliance management process by facilitating downloading of controls directly from the API.
“The Common Controls Attestation Portal has made it possible to create a list of auditable Common Controls and efficiently route that list for self attestation purposes. The integration that Total Compliance Tracking performed with the API from the Common Controls Hub allows mutual customers to save time and resources, download their list of controls into the TCT Portal, leverage the TCT Portal for full compliance management capabilities, provide immediate and integrated status updates for all participants in the security / compliance process, all while handling the security / compliance workflow both internally for an organization and with their various auditors during the attestation process,” said Adam Goslin, CEO of Total Compliance Tracking.
The innovations of the API-enabled Common Control Attestation Portal will go a long way to helping companies control their liability and gain visibility into third-party compliance / control status, which has become essential for effective vendor risk management.
About Unified Compliance and the UCF
Since 1992, Unified Compliance has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance. The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF.
Recently honored with a GRC Innovation Award for Technical Innovation in Regulatory Intelligence for Compliance Management by independent governance, risk, and compliance (GRC) analyst firm GRC 20/20 Research, the UCF provides targeted, harmonized research on what an organization needs to do — and not do — to achieve and maintain compliance with industry, government, and best practice demands.
The UCF’s architecture was specifically designed for the delivery of all of the information necessary to establish governance methodologies. Customers using the UCF can document and leverage the links between harmonized controls, records, assets (and their configurations), events, metrics, and roles.
About the Science of Compliance
By applying the scientific method to compliance — rigorously testing best practices and methodologies as well as analyzing and organizing information into a rational format — Unified Compliance has developed a logical approach to IT compliance that reduces cost, limits liability, simplifies the compliance process and leverages the value of related technologies and services across the enterprise.