Laws and regulations are constantly evolving. Nowhere has this fact of life had a more profound impact than in today's IT department. For example, the emergence of email as critical evidence in litigation has increased liability for companies that do not have sound retention strategies in place. And measuring and reporting on IT internal controls poses an additional challenge in the age of the Sarbanes-Oxley Act.
Although the term "compliance" means something different to every company, the intent of multiple regulations across industries has a core commonality: to ensure the security, availability, and ultimately the integrity of corporate information. While many enterprises have approached compliance as a one-time event or on a per-regulation basis, this article will argue that organizations must begin to address compliance from a strategic perspective -- one that mandates a proactive and holistic approach to building a comprehensive set of capabilities in security and availability. A strategic approach can go beyond the regulatory environment and help companies improve overall security and availability of information assets, reduce operating costs, and increase the quality of IT service throughout the enterprise.
See full Article.
Posts
