Contents

News and Features
Enterprise Award Winners
Social Media for Business
Hiring Trends Survey Results
Compensation Survey Results
Secrets of Success

Departments
Message from CEO
Member Survey
Guest Column
Medical Devices
Business Technology
CIO Institute

Members
Member Profiles
Member Reports

---

Advertisements

Vol. XXXI, No. 1   January 2010

Departments

Business Technology

Elegant compliance in a world
of regulation – at a glance

By Bill Jefferis

Compliance, regardless of industry, involves an orchestrated effort between corporate and IT management to implement systems that are capable of providing information access, timeliness and accuracy. Organizations, faced with an increasingly complex regulatory landscape, need to focus their energies on running their businesses, not cobbling together a multi-vendor IT solution to meet their compliance and reporting requirements.

The key is working with solutions providers who understand the subtleties and uniqueness of their environments, those who can bring to bear the services, infrastructure and application expertise to enable organizations to collect, organize and distribute data from all parts of the organization to achieve real-time business objectives.

The following list of key criteria will provide an outline of the areas that need to be considered when thinking about preparing your organization for industry or regulatory compliance.

The Key Areas of Concern

• Internal controls
• Material changes
• International concerns
• Private companies

The Recipe for Success – Start with a plan that is integrated with your strategic business plan

• Ensure buy-in from internal/external stakeholders
• Deploy skills and resources plan (IT and dependencies)
• Deploy risks and mitigation process (IT and dependencies)
• Determine schedule and costs

Understand the Four Pillars of Compliance Foundations

• People
• Process
• Technology
• Legal/Regulatory

Develop a Compliance Roadmap

• Plan and scope
• Perform risk assessment
• Identify significant accounts/controls
• Document control design
• Evaluate control design
• Evaluate operational effectiveness
• Determine material weaknesses
• Document results
• Build sustainability

Align and Integrate for Business Value – Structure compliance programs the way businesses are structured (top down/bottom up)

• Strategy
• Business process/organization
• Applications and functionality
• Infrastructure

Turning Compliance into Competitive Advantage – Future-proofing IT investments

• Higher enterprise ROI on technology investments
• Develop breakthrough business models
• Realization of strategic capabilities via technology

As with any major business or IT project or endeavor, it is important to do your due diligence when planning your compliance programs. Do your homework and use many of the publicly available resources available on the Web, leverage industry-specific consultants to help you with your plan, and either utilize in-house staff or a hired partner to execute your plan.

---

Bill Jefferis is Vice President, Marketing and Business Development, at Evolve IP.