MSP Verify “gold standard” updated to reflect closer alignment to CMMC (NIST 800-171) and ISO 27001 controls

Chapel Hill, NC – May 20, 2021 – The International Association of Cloud & Managed Service Providers (MSPAlliance®) announced the newest release of its Unified Certification Standard (UCS) for Cloud & Managed Service Providers. UCS v.21 adds more detail around existing Cybersecurity coverage within the standard, including further mapping to frameworks such as CMMC and ISO 27001. 

The UCS was created in 2004 and is the only purpose-built MSP standard developed by MSPs. The UCS undergoes regular reviews to maintain its relevance within the professional managed services community. Comprised of 10 objectives, the UCS provides a comprehensive evaluation of and benchmark for practicing managed service providers. 

“UCS v.21 represents a significant enhancement of our standard,” said CHarles Weaver, co-founder of MSPAlliance. “As our global community of MSPs must increasingly comply with frameworks such as CMMC and ISO 27001, this update to the UCS allows those providers going through the MSP Verify process to more easily identify and onboard the controls necessary to demonstrate such compliance.”

The UCS currently covers ten objectives or topical areas relevant to practicing MSPs: 

  • UCS Objective 1 – Governance
  • UCS Objective 2 – Policies & Procedures
  • UCS Objective 3 – Confidentiality, Privacy and Service Transparency
  • UCS Objective 4 – Change Management 
  • UCS Objective 5 – Service Operations Management
  • UCS Objective 6 – Information Security
  • UCS Objective 7 – Data and Device Management 
  • UCS Objective 8 – Physical Security
  • UCS Objective 9 – Billing and Reporting
  • UCS Objective 10 – Corporate Health
MSP Verify Certification Offerings

MSPAlliance currently offers the following certifications: 

  • MSP Verify – for providers of managed IT services
  • Cloud Verify – for providers of cloud-based applications, including Software as a Service and cloud-based infrastructure
  • SOC 1 Type 1 & Type 2 – can be added to any MSP or Cloud Verify project
  • SOC 2 Type 1 & Type 2 – can be added to any MSP or Cloud Verify project
  • Data Center Verify – for providers of data center services
  • Business Continuity Verify – an independent verification of MSP business continuity operations
  • GDPR Verify – for service providers wanting to demonstrate compliance with GDPR 
  • ISO 27001

All MSPAlliance certifications include consultative gap analysis, remediation assistance, and an independent auditor review with a signed, comprehensive audit report. Further, providers who participate in the certification process can participate in peer-group-style meetings with other MSP Verify companies. 

Less than 3% of the MSPs worldwide possess an MSP Verify (or equivalent) certification or audit. Those MSPs with the MSP Verify service both SMB, mid-market, and enterprise clients, including organizations across many vertical markets, including financial services, banking, healthcare, education, legal, government, and more.

Tags : Cloud Verify,CMMC,GDPR,GDPR Verify,ISO 27001,MSP Verify,NIST,UCS

Post A Comment
YouTube Logo | MSPAlliance

Subscribe to MSPAlliance on YouTube!

Explore a world of valuable content, including full-length podcast episodes and clips, thought-provoking special interviews, immersive events, enriching webinars, live streams, and more.

Join our community on YouTube, subscribe to our channel, and elevate your MSP journey!

Mobile and Laptop device image of YouTube MSPAlliance Channel | MSPAlliance

Have questions?

We're here to help! Fill out the form below and we will get back to you as soon as possible.

First Name *
Last Name: *
Contact Email: *
*Required Fields
Note: It is our responsibility to protect your privacy and we guarantee that your data will be completely confidential.





Contact us


510 Meadowmont Village Cir, #289 | Chapel Hill, NC 27517

MSP News

Sign up for MSP News, the weekly newsletter bringing you news and analysis from the managed services industry.