September 30, 2009 | Palo Alto, California: Due to government regulations on privacy and security that have emerged in recent years to safeguard consumer information and ensure corporate accountability, compliance and controls have become central to planning, designing and ongoing administration of IT systems for CIOs and IT executives. To address this issue, MetricStream has partnered with Network Frontiers to deliver its Unified Compliance Framework (UCF) - a comprehensive database that maps and harmonizes more than 2,500 IT control statements to more than 400 regulations, standards and frameworks, embedded with MetricStream's market leading Governance, Risk, Compliance (GRC) solutions.

Through this partnership, MetricStream clients will be able to contain the cost and manage the overwhelming complexity of IT compliance by standardizing on a common set of controls that map to all the regulations and policy mandates they need to comply with. Now available as a hierarchical dataset within the MetricStream IT GRC application, the UCF leverages the commonalities running through various regulations, standards and guidelines in order to rationalize IT controls and organize them for easy implementation, testing and monitoring.

MetricStream’s IT GRC solution streamlines a wide range of IT activities including managing IT policies, tracking IT assets, assessing and responding to IT risks, implementing IT controls, measuring and reporting compliance with the IT controls and regulatory requirements, recognizing and responding to incidents and threats, managing IT vendor risks and performance, business continuity planning and ongoing IT auditing. By delivering the UCF content integrated with its solution, MetricStream will further enhance the ROI customers derive from an integrated IT GRC system by providing a unified and clear view of global IT regulatory requirements and how to meet them.

The UCF includes controls from a variety of regulations and guidelines, including the Sarbanes-Oxley Act (SOX), Basel II, Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI DSS), NASD Manual, HIPAA, CMS, FERC Security Program, NERC Critical Infrastructure Protection (CIP), Uniform Electronic Transactions Act (UETA), FIPS 191, GAO Financial Audit Manual, IRS Revenue Procedure, Federal Rules of Civil Procedure, FFIEC, NIST COBIT and ISO 27002.

“Network Frontiers has created a reliable information architecture based on thorough legal reviews of the UCF control mappings to the authoritative sources. This will provide our customers the assurance that their legal liabilities and risk exposures are limited, while they benefit from a workflow and collaboration driven IT GRC system delivered by MetricStream,” says Gaurav Kapoor, CFO and General Manager at MetricStream.

“Fortune 1000 companies select MetricStream to integrate their GRC processes into a common infrastructure eliminating silos, standardizing processes and improving collaboration," said Craig Isaacs, CEO of Network Frontiers. "MetricStream customers can now benefit from the UCF by reducing resources, time, and costs associated with deciphering IT compliance requirements and translating them into controls and control activities. This integrated solution will also give customers a crystal clear view into the state of their IT governance program and where they need to focus for better risk and compliance management.”

About MetricStream

MetricStream is the independent market leader in enterprise cloud applications for governance, risk, compliance (GRC), and quality management. MetricStream apps and software solutions improve business performance by strengthening risk management, corporate governance, regulatory compliance, audit management, vendor governance, and quality management for organizations across industries, including banking and financial services, health care, life sciences, energy and utilities, consumer brands, government, technology, and manufacturing. MetricStream is headquartered in Palo Alto, California, with an operations and GRC innovation center in Bengaluru, India, and sales and operations support in 12 other cities globally.(

Press contact

[email protected]

Get a demo Download RFP Template Pricing Contact