Coalfire’s Consolidated Audit Program
Hosting providers, as a condition of doing business, must be secure. They must comply with every standard that applies at any of their customers, and they must have compliance evidence readily available for:
- every standard
- every customer audit
- every assessor firm
Sound complicated? It can be.
But there is a better way: Coalfire’s Consolidated Audit Program.
Founded on the Coalfire Common Controls Framework™ (CCCF), our Consolidated Audit Program enables you to measure compliance once, knowing that your controls and evidence will be accurately mapped to a wide range of standards, including HIPAA, NIST, PCI, GLBA, ISO, FedRAMP and others.
Common Controls. Common Sense.
The CCCF represents the collective knowledge of our 10-year history, and it is immediately updated when standards change and when new guidance is developed by industry working groups.
The CCCF contains thousands of controls, neatly organized into “families”, as shown below. Each of these control families is then broken down into control objectives, testing criteria and documentation standards.