Compliance with regulations such as SOX and HIPAA is not merely a matter of "dotting all your i's and crossing all your t's." If it's not taken seriously, your CEO may wind up in jail. The stakes are high, costs are escalating and confusion reigns. To help guide you through the mind-numbing maze of bureaucracy that is regulatory compliance, we've assembled this collection of articles, news analysis, expert commentary and case studies.
| Compliance in the enterprise |
Requires Free Membership to View
- Compliance
software essentials: Build a technology toolbox
There's really no one technology answer for regulatory compliance. Companies need a variety of tools to effectively meet the requirements of regulations such as Sarbanes-Oxley.
- Compliance
and BI: Same mission, different approaches
Both BI and compliance initiatives are used to help manage a company's assets. But they offer completely different approaches to the same goal
- Financial
data management tool eases compliance pain
Financial data management software vendors claim to reduce compliance costs via workflow and data quality tools. Users say the software helps them save money -- and sleep soundly.
- Regulatory
compliance and the DBA: What you need to know
DBAs need to understand how regulatory compliance laws are changing the corporate world and impacting their job roles.
- Oracle
lags behind SAP on compliance, analyst says
In the race to offer customers a comprehensive compliance strategy, SAP is way ahead of Oracle, according to one industry observer.
- Playing
the blame-game with regulatory compliance issues
Security pros and auditors are often at odds due to miscommunications, but an analyst at this year's Burton Group Catalyst Conference said it doesn't have to be that way.
| Sarbanes-Oxley |
- Compliance
software essentials: Build a technology toolbox
There's really no one technology answer for regulatory compliance. Companies need a variety of tools to effectively meet the requirements of regulations such as Sarbanes-Oxley.
- Financial
data management tool eases compliance pain
Financial data management software vendors claim to reduce compliance costs via workflow and data quality tools. Users say the software helps them save money -- and sleep soundly. - Security
policies: Don't be an army of one
The seemingly insurmountable task of developing, implementing and enforcing policies can be overcome by employing the help of others, both within and outside the enterprise.
- SOX
compliance: Building a directory services model for adequate access controls
Using meta-directories for authentication and access control puts data at risk, but they can help achieve the granular control of service directories required for compliance.
| HIPAA |
- Healthcare
users struggle with HIPAA
Healthcare providers, especially small and midsized companies, say HIPAA has made them rethink their approach to storage.
- Are
hospitals gaining on HIPAA?
Institutions under pressure to meet federal security rules have hunkered down and boosted IT spending.
- MARCH
TO HIPAA: The best insurance policy
Health insurance companies say HIPAA simply reflects rules they've had to live by all along. That doesn't mean every operation is ironclad.
- MARCH
TO HIPAA: Small practices can't seem to 'follow the law'
If your local dentist isn't complying with HIPAA's security rules, he's not alone. Experts say most doctors' offices aren't getting it.
- MARCH
TO HIPAA: A mixed diagnosis for hospitals
If upper management is supportive and the right people oversee security, hospitals are doing right by HIPAA. But those ingredients aren't always there.
| Auditing |
- Career
building through compliance
Compliance can be good for your career. Just ask this former DBA turned IT manager. - Five
compliance questions to ask your CEO
To avoid SOX trouble, every CIO should ask these five questions -- and every CEO should answer them. - Compliance
investment offers SMBs big benefits
Compliance for SMBs is quite costly, but the operation and business benefits are well worth the investment. - Spotlight
turns to chief compliance officers
Move over, ethics officers. New chief compliance officers have fancy law degrees, hefty salary demands – and a seat in the boardroom. - Audit
Trail: Sifting through an audit
Compliance can be complicated, for sure. But there are common trouble spots you can avoid to make your next audit less painful than your last.
| Compliance resources |
 |
|
|
|
Chapter Download:
Security
Controls for Sarbanes-Oxley Section 404 IT Compliance: Authorization, Authentication, and
Access
The big story in Sarbanes-Oxley for the IT professional is that earlier approaches to quickly
getting applications built and in place to support the business (punch a few holes in the firewall
and worry about security later) will no longer pass the inevitable audit. Meeting the test of
maintaining effective internal control structure and processes supporting accurate financial
reporting requires treating SOX 404 compliance with a focus and discipline not always evident in
existing information systems designs.
|
|
|
|
| Craig Mullins, Data governance and quality expert | |
|
|
Expert Advice:
The
truth about "one-size-fits-all" data governance "solutions"
Regulatory compliance is the latest bandwagon that software vendors have boarded in an attempt to
sell more product. Many products have been rebranded under a compliance or governance banner in
order to sell more copies. The cynic in me sneers at such attempts, but the pragmatist wins out. By
this I mean, if you really had all of the solutions in place and working then there'd be nothing to
worry about, would there?