Compliance Regulatory Overview: What's next?

Lesson 7 of 7

It is nearly impossible to predict what new compliance
regulations are down the pike. However, in many cases, the controls
organizations have in place to meet existing compliance standards act as the
groundwork for future legislation.

For example, the Gramm-Leach-Bliley Act called for corporations
to take measures for insuring the security and confidentiality of customer
records and information. And in response to a recent upsurge of data theft, the
Payment Card Industry (PCI) Data Security Standard (developed by MasterCard and
VISA and also being enforced by American Express) has been designed to protect
cardholder information and must be implemented by members, merchants, and
service providers. So rather than IT having to implement a completely new set
of security measures, they can build upon the ones they introduced with Gramm-Leach-Bliley.
(For more information about the structure of the PCI standard, read PCI compliance: Don’t
become another headline.)

Compliance: An ongoing process

The mistake many organizations make is to look at compliance
as a one-time task when, in reality, it is an ongoing process that requires
constant monitoring and updating. Some companies are spending huge amounts of
money to install automated solutions to “get compliance over with.” The
most successful organizations find out how to create business value from the
compliance solutions they’ve put in place, and optimize the software, hardware,
and services they acquired to reach those first compliance standards. They know
that the solutions they put in place will improve alignment, reduce IT costs
and complexity, and improve quality. In other words, they know how to turn
regulatory burden into competitive advantage.

Compliance resources

The following resources offer insight on how to optimize
your compliance systems for business value.

Practical
advice for CIOs wrestling with compliance issues
This downloadable chapter from the upcoming book CIO Wisdom II delves into useful strategies for CIOs who don’t
have a dedicated department to take care of all their compliance concerns.
Compliance:
The Silver Lining
Regulatory compliance has produced a silver lining of sorts, forcing many
businesses to get their houses in order and giving them the money and
justification to do so. During this Computer Associates-sponsored Webcast
from ZDNet, you’ll learn how compliance can be used as a lever of change
and opportunity across the enterprise.
Compliance
opportunities abound for VARs
This article from ComputerWorld
discusses how equipment deployment and implementation will be the
“next wave” of compliance activity.
Come Right In
This article from Investment Advisor
talks about what financial businesses can expect going forward in regard
to compliance issues.
Beyond Compliance
Even though some compliance systems are initially set up to identify bad
customers, you can also use it to identify the behavior of good customers
and improve your customer service. Get more details by reading this InformationWeek article.
Beyond
Compliance: Leveraging Internal Control to Build a Better Business
This white paper by Deloitte & Touche talks about the ongoing benefits
of a strong internal control structure.
IT Mission:
Deliver Competitiveness Beyond Compliance
In this article from the DMReview site, Rajeev
Rawat examines how compliance implementations can enable the
creation of a work environment that exemplifies teamwork and
collaboration.
Going
Beyond Compliance
Check out Supply & Demand Chain Executive’s review of Approva Corp., a
provider of enterprise controls management software, that is now offering
the BizRights Order-to-Cash Insight.

Course list

Lesson
1: Sarbanes-Oxley
Lesson
2: HIPAA
Lesson
3: Gramm-Leach-Bliley
Lesson
4: FERPA
Lesson
5: USA
Patriot Act
Lesson
6: European
legislation
Lesson 7: What’s next?

Sign up for the Compliance Regulatory Overview series

If you haven’t subscribed to this series, automatically sign up today to receive the entire Compliance Regulatory Overview series in your inbox.

We want your feedback

Lesson 7 on What’s Next in Compliance was:

Very helpful
Somewhat helpful
Not helpful

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

A computer running payroll software. — Image: Nuthawut/Adobe Stock

Tech & Work

The best payroll software for your small business in 2023

Looking for the best payroll software for your small business? Check out our top picks for 2023 and read our in-depth analysis.

Malware, or Hack Attack Concept. — Image: WhataWin/Adobe Stock

Security

Top cybersecurity threats for 2023

Next year, cybercriminals will be as busy as ever. Are IT departments ready?

The Salesforce building in San Francisco. — Image: Sundry Photography/Adobe Stock

Cloud

Salesforce supercharges its tech stack with new integrations for Slack, Tableau

The company, which for several years has been on a buying spree for best-of-breed products, is integrating platforms to generate synergies for speed, insights and collaboration.

remote-hiring-video-woman-interview-recruiting-presenting — fizkes / iStock

Software

The best applicant tracking systems for 2023

Organize a number of different applicants using an ATS to cut down on the amount of unnecessary time spent finding the right candidate.

People near the Microsoft store on Fifth Avenue in New York City. — Image: Bumblee_Dee, iStock/Getty Images

Software

108 Excel tips every user should master

Whether you are a Microsoft Excel beginner or an advanced user, you'll benefit from these step-by-step tutorials.

This policy describes guidelines your organization can follow to track, process and decommission IT equipment. From the policy: SUMMARY An organization’s IT hardware inventory constitutes a significant capital investment in order to perform company operations. Because hardware represents a critical asset and often holds organizational data, it is important for the company to track each ...

Whether an infection is the result of a disgruntled employee, hardware vulnerability, software-based threat, social engineering penetration, robotic attack or human error, all organizations must be prepared to immediately respond effectively to such an issue if the corresponding damage is to be minimized. Because even the best protected networks become infected, all organizations must have ...

Every operating system should be appropriately secured, especially end user workstations which often contain or permit access to company data and upon which most employee job duties are based. To get the maximum security protection out of your Windows 10 deployments follow this checklist from TechRepublic Premium. Also included in this checklist: Security solutions Product ...

Compliance Regulatory Overview: What’s next?