view issue

The Compliance Game: Although complying with myriad regulations affecting information technology these days can feel like a chore, technology professionals now have an opportunity to leverage these efforts and create a proactive approach to IT governance. Tune into this month’s Queuecast as Kris Lovejoy, CTO of Consul, discusses with host Mike Vizard why companies must shift their focus on compliance to a new governance approach that will ultimately better serve a company’s needs.

September 1, 2006

Topic: Compliance

  • View Comments
  • Print

Related:

Tracy Ragan - Keeping Score in the IT Compliance Game
Achieving developer acceptance of standardized procedures for managing applications from development to release is one of the largest hurdles facing organizations today. Establishing a standardized development-to-release workflow, often referred to as the ALM (application lifecycle management) process, is particularly critical for organizations in their efforts to meet tough IT compliance mandates. This is much easier said than done, as different development teams have created their own unique procedures that are undocumented, unclear, and nontraceable.


J. C. Cannon, Marilee Byers - Compliance Deconstructed
The topic of compliance becomes increasingly complex each year. Dozens of regulatory requirements can affect a company’s business processes. Moreover, these requirements are often vague and confusing. When those in charge of compliance are asked if their business processes are in compliance, it is understandably difficult for them to respond succinctly and with confidence. This article looks at how companies can deconstruct compliance, dealing with it in a systematic fashion and applying technology to automate compliance-related business processes. It also looks specifically at how Microsoft approaches compliance to SOX.


John Bostick - Box Their SOXes Off
Data is a precious resource for any large organization. The larger the organization, the more likely it will rely to some degree on third-party vendors and partners to help it manage and monitor its mission-critical data. In the wake of new regulations for public companies, such as Section 404 of SOX, the folks who run IT departments for Fortune 1000 companies have an ever-increasing need to know that when it comes to the 24/7/365 monitoring of their critical data transactions, they have business partners with well-planned and well-documented procedures. In response to a growing need to validate third-party controls and procedures, some companies are insisting that certain vendors undergo SAS 70 Type II audits.


Eric Allman - Complying with Compliance
“Hey, compliance is boring. Really, really boring. And besides, I work neither in the financial industry nor in health care. Why should I care about SOX and HIPAA?” Yep, you’re absolutely right. You write payroll applications, or operating systems, or user interfaces, or (heaven forbid) e-mail servers. Why should you worry about compliance issues?


Although complying with myriad regulations affecting information technology these days can feel like a chore, technology professionals now have an opportunity to leverage these efforts and create a proactive approach to IT governance. Tune into this month’s Queuecast as Kris Lovejoy, CTO of Consul, discusses with host Mike Vizard why companies must shift their focus on compliance to a new governance approach that will ultimately better serve a company’s needs.



Back to top

Comments

(newest first)

Leave this field empty

Post a Comment: