Palo Alto, California (PressExposure) October 02, 2009 -- Due to government regulations on privacy and security that have emerged in recent years to safeguard consumer information and ensure corporate accountability, compliance and controls have become central to planning, designing and ongoing administration of IT systems for CIOs and IT executives. To address this issue, MetricStream has partnered with Network Frontiers to deliver its Unified Compliance Framework (UCF) - a comprehensive database that maps and harmonizes more than 2,500 IT control statements to more than 400 regulations, standards and frameworks, embedded with MetricStreamâs market leading Governance, Risk, Compliance (GRC) solutions.
Through this partnership, MetricStream clients will be able to contain the cost and manage the overwhelming complexity of IT compliance by standardizing on a common set of controls that map to all the regulations and policy mandates they need to comply with. Now available as a hierarchical dataset within the MetricStream IT-GRC application, the UCF leverages the commonalities running through various regulations, standards and guidelines in order to rationalize IT controls and organize them for easy implementation, testing and monitoring.
MetricStreamâs IT-GRC solution streamlines a wide range of IT activities including managing IT policies, tracking IT assets, assessing and responding to IT risks, implementing IT controls, measuring and reporting compliance with the IT controls and regulatory requirements, recognizing and responding to incidents and threats, managing IT vendor risks and performance, business continuity planning and ongoing IT auditing. By delivering the UCF content integrated with its solution, MetricStream will further enhance the ROI customers derive from an integrated IT-GRC system by providing a unified and clear view of global IT regulatory requirements and how to meet them.
The UCF includes controls from a variety of regulations and guidelines, including the Sarbanes-Oxley Act (SOX), Basel II, Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI DSS), NASD Manual, HIPAA, CMS, FERC Security Program, NERC Critical Infrastructure Protection (CIP), Uniform Electronic Transactions Act (UETA), FIPS 191, GAO Financial Audit Manual, IRS Revenue Procedure, Federal Rules of Civil Procedure, FFIEC, NIST COBIT and ISO 27002.
âNetwork Frontiers has created a reliable information architecture based on thorough legal reviews of the UCF control mappings to the authoritative sources. This will provide our customers the assurance that their legal liabilities and risk exposures are limited, while they benefit from a workflow and collaboration driven IT-GRC system delivered by MetricStream,â says Gaurav Kapoor, CFO and General Manager at MetricStream.
âFortune 1000 companies select MetricStream to integrate their GRC processes into a common infrastructure eliminating silos, standardizing processes and improving collaboration," said Craig Isaacs, CEO of Network Frontiers. "MetricStream customers can now benefit from the UCF by reducing resources, time, and costs associated with deciphering IT compliance requirements and translating them into controls and control activities. This integrated solution will also give customers a crystal clear view into the state of their IT governance program and where they need to focus for better risk and compliance management.â
About Network Frontiers Since 1992 Network Frontiers has developed ground-breaking tools to support IT best practices with a special focus on regulatory compliance, metrics, systems continuity and governance. Dorian Cougias, founder and Lead Analyst, is a frequent speaker at technology conferences and has authored numerous articles and books, including The Compliance Book and the award-winning Backup Book: Disaster Recovery from Desktop to Data Center. Network Frontiers was recently cited by information technology research and advisory company Gartner as one of their five leading Cool Vendors in Risk Management and Compliance for 2009.
The Unified Compliance Framework (UCF) is Network Frontiers' flagship product. By focusing on commonalities across regulations, standards-based development, and simplified architectures, the UCF supports a strategic approach to IT compliance that reduces cost, limits liability, and leverages the value of compliance-related technologies and services across the enterprise. The UCF's content and methodology is the direct result of Network Frontiers deep understanding of IT regulations and standards and decades of experience consulting for clients, publications, and vendors in the mission-critical IT arena.
The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Latham and Watkins, which oversees all legal aspects of the UCF. More information can be found at http://www.unifiedcompliance.com.