Common Control Framework is a set of controls or requirements designed to eliminate or mitigate the duplication of multiple frameworks. Establishing a common control framework has the potential to eliminate the duplication of requirements within frameworks and simplify the process of scoping, defining, and maintaining compliance. As a result, organizations have the potential to save significant time and resources, since they are not forced to recreate the GRC security each time a new compliance mandate is published. It gives organizations the power to test once and comply with many regulations simultaneously. To create a common controls framework, organizations should determine which regulations they are subject to and the cost of noncompliance, whether or not regulators expect strict compliance, and the organization’s readiness.
For more on common control framework: