-
Unified Compliance FAQs
-
Common Controls Hub FAQs
-
Compliance Dictionary FAQs
-
Research FAQs
-
Mapper FAQs
-
Resellers FAQs
-
Common Controls Hub Deep Dive
-
Mapper Deep Dive
- Cataloging Authority Documents
- Cataloging Private Authority Documents
- Map a Citation
- Tag Citation
- Match Citation to a Control
- Match a Citation to a Control (Private Authority Documents)
- Add Audit Question
- Citation Hierarchy
- Citation Hierarchy (Private Authority Documents)
- Add Dictionary Terms
- Asset
- Configurable Item
- Configuration Setting
- Data Content
- Organization
- Organizational Task
- Record Category
- Record Example
- Role
- Triggering Event
- Nonstandard Term
-
Mapper Guides
-
API Developers
-
Contact Support
Why does the UCF not map some documents until an audit guide has been released?
When there are actual authorities assigned to audit organizations based on specific mandates, the UCF team needs to understand exactly what the auditors require to prove (or disprove) compliance. Placing the controls in the Unified Compliance Framework without the evidence information would otherwise be misleading and not in keeping with the UCF mandate.