Schema Reference

There are three main schemas that are documented here, those pertaining to Software Identification tags (SWID Tags), that are managed through a partnership with the UCF and, those schemas managed through the Dictionary Society (DSNA)’s SIGLEX Group, and those managed directly by the Unified Compliance team.

Software Identification Tags (SWID tags) are intended to record unique information about an installed software application, including its name, edition, version, and supports software inventory and asset management initiatives.

For organizations to benefit from their use, configuration guidance can be provided by vendors to support the implementation of regulations and standards such as HIPAA, GDPR, PCI, NIST 800–53, and others.

Members of are encouraged to participate at in the further development of these specific schema elements to:

  • Certify extended SWID Tag authoring individuals and organizations
  • Certify both basic and extended SWID tags
  • Map configuration guidance to the UCF’s Common Controls as product-specific implementation guidance
  • Lead the development and customization of the API to market standard and adoption

The Unified Compliance Framework

The Unified Compliance Framework (UCF for short) is composed of a great many elements that will be documented within the UCF’s Schema pages. Members of the UCF community are also encouraged to participate at in the further development of these specific schema elements.

Data model Element Icons

Each of the elements below represent different data model elements of one of the schemas. For simplicity, each item will be called an element.

Icon Representation
Squared elements denote external authority over the element.
Notched elements denote elements that the organization can govern.
Teardrop elements denote elements found in the CCH website.