Information Security Forum, Aruvio, and the Unified Compliance Framework Collaborate to Release Complimentary Standards Comparison Toolkit (SCT)

Share Article

Supply Chain Gains Easy-to-See Gap/Overlap Analysis

News Image

Aruvio and the Unified Compliance Framework® (UCF) today announced the Standards Comparison Tool is now available. The Standards Comparison Tool (SCT) is a valuable, free-to-use site developed in association with the Information Security Forum (ISF) to help organizations manage third-party supplier risk and simplify the procurement process between organizations and their third-party suppliers.

Aruvio leveraged their cloud-based GRC product line and the Unified Compliance Framework content to allow any organization to automatically analyze and compare the compliance regulations they are following vs their third-party suppliers and then tabulate the gaps and overlaps between requirements.

“Information security practitioners currently face a range of overlapping security standards that increase compliance costs. During supplier vetting process, the array of standards can make it difficult to judge what a supplier certification actually means, what value to place on the certification, and what security benefits certifications actually indicate or confer,” said Rajesh Unadkat, Aruvio Founder and Vice President of Product. “The Standards Comparison Tool was developed specifically to help organizations that juggle multiple compliance regulations.”

“One of the great things about the Standards Comparison Tool is that anyone can quickly and easily see exactly what the gaps and the overlaps between their required controls and the controls their supply chain follow,” said Craig Isaacs, CEO, Unified Compliance Framework.

The core of the UCF is the Common Control table: over 1000 international laws, standards, obligations and more have been mapped to the Common Controls. Leveraging the Common Controls complements ISF’s Supply Chain Assurance Framework by enhancing communication between acquirers and suppliers in the management of information risk.

The Standards Comparison Tool is free-to-use for online gap analysis. Those who would like to export the gap analysis results can opt-in for a paid subscription.

To view detailed information about the Aruvio Standard Comparisons tool, visit

About Aruvio
Aruvio is a leading provider of cloud-based governance risk and compliance solutions. With Aruvio, organizations are able to build, enhance and maintain GRC programs across IT, finance, operations, and legal domains. Aruvio’s enterprise approach develops and maintains a record system for organization wide compliance, quality, risks and incidents. Advanced reporting capabilities generate a rapid data on performance and risk related metrics to develop, manage, measure and maintain compliance a quality processes.

Through a strong partnership with the Unified Compliance Framework, Aruvio’s GRC solution is preloaded with over 700 regulations and 5000 controls to allow point and click control mapping, addressing industry and function specific risk and compliance management such as privacy, anti-bribery risk & compliance, conflict minerals compliance, PCI compliance, Basel II, Solvency II, and third party risk management.

About The Information Security Forum
The Information Security Forum (ISF) is an independent membership organization that is a major force in information security worldwide. Please visit the ISF website for further details: Employees of ISF Member organizations can access our Member deliverables and benefits at

About the Unified Compliance Framework®
The UCF is the only industry-vetted compliance database which transforms the authority documents that affect your company into a simplified, unified set of harmonized controls, giving you a single point of management over hundreds of complex IT compliance requirements from around the world. We help you map the overlap between multiple authority documents, create your control list for specific IT areas, and clarify any conflicts created by overlapping authority documents. For further details visit:

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Jesscia Clark
Follow >