# Unified Compliance Framework ## Capability Scope | **Control Domain** | Published in | **Capability Scope** | | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------- | | Acquisition or sale of facilities, technology, and services | UCF | | | Audits and Risk Management | UCF | [[Compliance]]<br>[[Control Development]]<br>[[Control Verification]] | | Harmonization Methods and Manual of Style | UCF | | | Human Resources Management | UCF | | | Leadership and High Level Objectives | UCF | | | Monitoring and Measurement | UCF | | | Operational Management | UCF | | | Operational and Systems Security | UCF | | | Physical and Environmental Protection | UCF | | | Privacy protection for information and data | UCF | [[Data Management]] | | Records Management | UCF | [[Data Management]] | | System hardening through Configuration Management | UCF | [[Device Management]] | | Systems design, build, and implementation | UCF | [[Device Management]] | | Technical Security | UCF | | | Third Party and supply chain oversight | UCF | [[Third Party Management]] | ## Inspiration & Resources + [Adobe Common Controls Framework | Adobe Trust Center](https://www.adobe.com/trust/compliance/adobe-ccf.html) + [Unified Compliance](https://www.unifiedcompliance.com/) + [Secure Controls Framework](https://securecontrolsframework.com/) + [Cisco Cloud Controls Framework - Cisco](https://www.cisco.com/c/en/us/about/trust-center/compliance/ccf.html) ## Release Notes + [[WIP - Q3 2024 Release#Map Common Controls Frameworks to Cybersecurity Capabilities]]