News, Tips, and Advice for Technology Professionals

By Guest Contributor in CXO on October 6, 2005, 11:42 AM PST

This is part seven of a seven-part series on IT compliance. In this lesson, we will take a look at compliance issues on the horizon.

Lesson 7 of 7

It is nearly impossible to predict what new compliance regulations are down the pike. However, in many cases, the controls organizations have in place to meet existing compliance standards act as the groundwork for future legislation.

For example, the Gramm-Leach-Bliley Act called for corporations to take measures for insuring the security and confidentiality of customer records and information. And in response to a recent upsurge of data theft, the Payment Card Industry (PCI) Data Security Standard (developed by MasterCard and VISA and also being enforced by American Express) has been designed to protect cardholder information and must be implemented by members, merchants, and service providers. So rather than IT having to implement a completely new set of security measures, they can build upon the ones they introduced with Gramm-Leach-Bliley. (For more information about the structure of the PCI standard, read PCI compliance: Don't become another headline.)

Compliance: An ongoing process

The mistake many organizations make is to look at compliance as a one-time task when, in reality, it is an ongoing process that requires constant monitoring and updating. Some companies are spending huge amounts of money to install automated solutions to "get compliance over with." The most successful organizations find out how to create business value from the compliance solutions they've put in place, and optimize the software, hardware, and services they acquired to reach those first compliance standards. They know that the solutions they put in place will improve alignment, reduce IT costs and complexity, and improve quality. In other words, they know how to turn regulatory burden into competitive advantage.

Compliance resources

The following resources offer insight on how to optimize your compliance systems for business value.

Practical advice for CIOs wrestling with compliance issues
This downloadable chapter from the upcoming book CIO Wisdom II delves into useful strategies for CIOs who don't have a dedicated department to take care of all their compliance concerns.
Compliance: The Silver Lining
Regulatory compliance has produced a silver lining of sorts, forcing many businesses to get their houses in order and giving them the money and justification to do so. During this Computer Associates-sponsored Webcast from ZDNet, you'll learn how compliance can be used as a lever of change and opportunity across the enterprise.
Compliance opportunities abound for VARs
This article from ComputerWorld discusses how equipment deployment and implementation will be the "next wave" of compliance activity.
Come Right In
This article from Investment Advisor talks about what financial businesses can expect going forward in regard to compliance issues.
Beyond Compliance
Even though some compliance systems are initially set up to identify bad customers, you can also use it to identify the behavior of good customers and improve your customer service. Get more details by reading this InformationWeek article.
Beyond Compliance: Leveraging Internal Control to Build a Better Business
This white paper by Deloitte & Touche talks about the ongoing benefits of a strong internal control structure.
IT Mission: Deliver Competitiveness Beyond Compliance
In this article from the DMReview site, Rajeev Rawat examines how compliance implementations can enable the creation of a work environment that exemplifies teamwork and collaboration.
Going Beyond Compliance
Check out Supply & Demand Chain Executive's review of Approva Corp., a provider of enterprise controls management software, that is now offering the BizRights Order-to-Cash Insight.