Lesson 7 of 7

It is nearly impossible to predict what new compliance
regulations are down the pike. However, in many cases, the controls
organizations have in place to meet existing compliance standards act as the
groundwork for future legislation.

For example, the Gramm-Leach-Bliley Act called for corporations
to take measures for insuring the security and confidentiality of customer
records and information. And in response to a recent upsurge of data theft, the
Payment Card Industry (PCI) Data Security Standard (developed by MasterCard and
VISA and also being enforced by American Express) has been designed to protect
cardholder information and must be implemented by members, merchants, and
service providers. So rather than IT having to implement a completely new set
of security measures, they can build upon the ones they introduced with Gramm-Leach-Bliley.
(For more information about the structure of the PCI standard, read PCI compliance: Don’t
become another headline

Compliance: An ongoing process

The mistake many organizations make is to look at compliance
as a one-time task when, in reality, it is an ongoing process that requires
constant monitoring and updating. Some companies are spending huge amounts of
money to install automated solutions to “get compliance over with.” The
most successful organizations find out how to create business value from the
compliance solutions they’ve put in place, and optimize the software, hardware,
and services they acquired to reach those first compliance standards. They know
that the solutions they put in place will improve alignment, reduce IT costs
and complexity, and improve quality. In other words, they know how to turn
regulatory burden into competitive advantage.

Compliance resources

The following resources offer insight on how to optimize
your compliance systems for business value.

  • Practical
    advice for CIOs wrestling with compliance issues

    This downloadable chapter from the upcoming book CIO Wisdom II delves into useful strategies for CIOs who don’t
    have a dedicated department to take care of all their compliance concerns.
  • Compliance:
    The Silver Lining

    Regulatory compliance has produced a silver lining of sorts, forcing many
    businesses to get their houses in order and giving them the money and
    justification to do so. During this Computer Associates-sponsored Webcast
    from ZDNet, you’ll learn how compliance can be used as a lever of change
    and opportunity across the enterprise.
  • Compliance
    opportunities abound for VARs

    This article from ComputerWorld
    discusses how equipment deployment and implementation will be the
    “next wave” of compliance activity.
  • Come Right In
    This article from Investment Advisor
    talks about what financial businesses can expect going forward in regard
    to compliance issues.
  • Beyond Compliance
    Even though some compliance systems are initially set up to identify bad
    customers, you can also use it to identify the behavior of good customers
    and improve your customer service. Get more details by reading this InformationWeek article.
  • Beyond
    Compliance: Leveraging Internal Control to Build a Better Business

    This white paper by Deloitte & Touche talks about the ongoing benefits
    of a strong internal control structure.
  • IT Mission:
    Deliver Competitiveness Beyond Compliance

    In this article from the DMReview site, Rajeev
    Rawat examines how compliance implementations can enable the
    creation of a work environment that exemplifies teamwork and
  • Going
    Beyond Compliance

    Check out Supply & Demand Chain Executive’s review of Approva Corp., a
    provider of enterprise controls management software, that is now offering
    the BizRights Order-to-Cash Insight.

Course list

Sign up for the Compliance Regulatory Overview series

If you haven’t subscribed to this series, automatically sign up today to receive the entire Compliance Regulatory Overview series in your inbox.

We want your feedback

Lesson 7 on What’s Next in Compliance was:

 Very helpful
 Somewhat helpful
 Not helpful