IT Governance, SEC 592
Clarke Cummings
Keller Graduate School of Management
Gregory Gleghorn, Professor
Summary
Understanding the issues around regulatory compliance can be a difficult and frustrating endeavor. Financial data must be kept confidential and unmolested at all costs. With data reporting, security and privacy gaining importance, companies the world over face increasingly complex requirements for regulatory compliance. The intent of these multiple regulations and industry standards is to ensure the security, availability and integrity of business information. Companies that do not comply with these regulations risk legal action as well as fines and restrictions.
What is the intent of regulatory compliance?
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business. Violations of compliance regulations often result in legal punishment, including federal fines. For that reason, the intent of regulatory compliance within a business is to ensure that the applicable laws, regulations and guidelines are followed, and that management policies are put into place to enforce them and keep the company in compliance.
What is the role of IT in maintaining corporate compliance?
Companies that effectively balance security and regulatory compliance don't just follow the letter of the law. They typically go beyond what is required by a regulation, because it makes their environment more secure. Any company that embarks on the compliance journey should adhere to the following five principles to ensure that information security doesn't get left behind (Kark, 2007). Hence, it is important to establish, implement, operate, monitor, review, maintain and improve information security within the context of managing an organization's overall business risk, while assuring optimal protection according to ISO/IEC 27001 standards. Additionally, IT managers are responsible for
References:
Chandiramani, Sunil, Information Technology and Corporate Governance, February 2007. Downloaded from http://www.expresscomputeronline.com/ on February 4, 2014.
Kark, Khalid, IT Compliance Success Doesn't Equal Security Success, January 2007. Downloaded from http://searchsecurity.techtarget.com/tip/IT-compliance-success-doesnt-equal-security-success on February 6, 2014.
Tarantino, A. (2006), Manager's Guide to Compliance, John Wiley & Sons, Inc., Hoboken, New Jersey.