Unified Compliance and OCEG Announce Red Book and Unified Compliance Framework® Integration

Share Article

Compliance teams can now relate the OCEG GRC Capability Model 3.0 to Authority Documents originating around the world.

UCF Logo

Incorporating the OCEG Red Book into the UCF will be a game changer for those seeking to measure and grow their maturity in GRC related processes and practices while understanding the relationship between the vast array of GRC mandates.

Unified Compliance is the premier provider of compliance mapping and the creator of the Unified Compliance Framework® (UCF®) and its SaaS front-end, the Common Controls Hub™ (CCH™). Today, the company announced a partnership with OCEG, the global, nonprofit think tank that invented GRC. OCEG has integrated a condensed version of the GRC Capability Model 3.0, also called the OCEG Red Book, into the Unified Compliance Framework.

According to Carole Switzer, Esq., Co-Founder and President of OCEG, “We mapped a condensed version of the OCEG Red Book into the Unified Compliance Framework because we wanted to help users of the OCEG GRC Capability Model see how its defined practices relate to mandates that arise in other governance, risk management, and compliance Authority Documents originating around the world. In addition, now, they can quickly and easily manage the practices of the Model in GRC software that already work with the UCF.”

The integration is in line with OCEG’s objectives, Switzer indicated, “OCEG’s mission is to help organizations achieve Principled Performance, which we define as the ability to reliably achieve objectives while addressing uncertainty and acting with integrity, and having a mature, integrated set of governance, risk management, and compliance (GRC) capabilities is essential for this outcome.”

Craig Isaacs, Unified Compliance CEO, welcomed the partnership, saying, “The OCEG GRC Capability Model offers the only free and open source standards for GRC, which define processes to break down silos between departments by standardizing and integrating compliance, risk, and audit activities. This harmonized approach to GRC can benefit any organization and fits perfectly with the philosophy of unified compliance.”

Michael Rasmussen, GRC Economist and Pundit of GRC 20/20 Research LLC noted, "It is encouraging to see UCF expand its traditional mapping of information security Authority Documents and mandates to include a broader range of GRC capabilities and requirements. Incorporating the OCEG Red Book into the UCF will be a game changer for those seeking to measure and grow their maturity in GRC related processes and practices while understanding the relationship between the vast array of GRC mandates."

OCEG enlisted Tata Consultancy Services (TCS), to complete the mapping of the condensed OCEG Red Book using Unified Compliance’s new product, UCF Mapper™. TCS is a global consulting, business solutions and integration services organization that is a member of OCEG’s GRC Solutions Council. Switzer appreciates Tata’s participation. “We are very grateful for their volunteer efforts on this important project,” she said.

Kelly Ray, J.D., GRCP, OCEG Fellow, and a GRC Solution Strategist for TCS said, “These are exciting times as we see the manifestation of natural language processing and artificial intelligence aid in the GRC solutions space and begin to consider how automation can streamline and trigger fundamental paradigm shifts in the three lines of defense.”

“We deal with global clients who have a compelling need to simplify their controls framework," said Vijay Kumar Dikhani, GRCP, Domain Consultant with TCS’ BFS Risk Management Practice, adding, “CCH’s ability to enable a view of Common Controls across a plethora of multi-national authoritative sources is a powerful tool for varied global stakeholders.”

A webinar, sponsored by Unified Compliance and TCS, will be held on Thursday, July 13, 2017. The webinar, “Taking Integration to the Next Level: Using the GRC Capability Model in the Unified Compliance Framework,” will be presented by Craig Isaacs and Kelly Ray. Attendees will learn how the UCF works and how to use the UCF to identify mandates in the condensed version of the OCEG Red Book and other Authority Documents in the UCF that share Common Controls. Registration is available, but space is limited.

About Unified Compliance and the UCF
Unified Compliance® is the publisher of the world’s largest compliance library, the Unified Compliance Framework® (UCF®). Our scientific approach to overall compliance reduces cost, limits liability, and simplifies the compliance process. Our flagship product is the Common Controls Hub™ (CCH™), a dynamic SaaS portal built on the award-winning UCF that makes it easy to extract needed data from the framework. With the launch of a new CCH add-on, UCF Mapper™, compliance professionals will be able to map regulations into the UCF with the same patented process used by the Unified Compliance mapping team. More information can be found at UCFMapper.com, CommonControlsHub.com, and UnifiedCompliance.com. Follow us on Twitter or Facebook.

About OCEG
OCEG is the global, nonprofit think tank that invented GRC, an acronym that denotes the integration of governance, risk, and compliance, but connotes so much more. OCEG informs, empowers, and helps advance more than 65,000 members worldwide with ideas, content, and certifications. Independent of specific professions, OCEG provides content, best practices, education, and certifications to drive leadership and business strategy through the application of the OCEG GRC Capability Model™ and the concept of Principled Performance®. Members include c-suite, executive, management, and other professionals from small and midsize businesses, international corporations, nonprofits, and government agencies. Founded in 2002, OCEG is headquartered in Phoenix, AZ.

About Tata Consultancy Services Ltd (TCS)
Tata Consultancy Services is an IT services, consulting, and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT, BPS, infrastructure, engineering and assurance services. This is delivered through its unique Global Network Delivery Model™, recognized as the benchmark of excellence in software development. A part of the Tata group, India’s largest industrial conglomerate, TCS has over 387,000 of the world’s best-trained consultants in 45 countries. The company generated consolidated revenues of US $17.6billion for year ended March 31, 2017 and is listed on the BSE (formerly Bombay Stock Exchange) and the NSE (National Stock Exchange) in India. For more information, visit us at http://www.tcs.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Jody Mack
Levy Online
(702) 371-3303
Email >
Follow us on
Visit website