- Unified Compliance Knowledge Base
- Unified Compliance FAQs
- Frequently Asked Questions
-
Unified Compliance FAQs
-
Common Controls Hub FAQs
-
Compliance Dictionary FAQs
-
Research FAQs
-
Mapper FAQs
-
Resellers FAQs
-
Common Controls Hub Deep Dive
-
Mapper Deep Dive
- Cataloging Authority Documents
- Cataloging Private Authority Documents
- Map a Citation
- Tag Citation
- Match Citation to a Control
- Match a Citation to a Control (Private Authority Documents)
- Add Audit Question
- Citation Hierarchy
- Citation Hierarchy (Private Authority Documents)
- Add Dictionary Terms
- Asset
- Configurable Item
- Configuration Setting
- Data Content
- Organization
- Organizational Task
- Record Category
- Record Example
- Role
- Triggering Event
- Nonstandard Term
-
Mapper Guides
-
API Developers
-
Contact Support
Where is HITRUST?
HITRUST has specifically asked the UCF Team NOT to review their materials.
They are opaque and do not want any outside review of their controls. They specifically do not want organizations that use HITRUST to know where their controls have gaps with the existing laws and rules related to health care and personal information.
Until they request outside review (like Cloud Security Alliance, Shared Assessments, ISF, and many others), they will not be mapped to the UCF.
If there are specific documents that HITRUST covers that you would like added to the UCF, you can submit and vote on Authority Documents requests HERE.
Or contact our support team by submitting a support request through our Customer Portal.
For more information on Authority Document prioritization and requests, check our FAQ article How does Unified Compliance determine which documents to map?