sponsored by Symantec Corporation
Posted:  02 Sep 2009
Published:  03 Aug 2009
Format:  PDF
Length:  14  Page(s)
Type:  White Paper
Language:  English
ABSTRACT:
"Proactive Compliance" describes an innovative new way of approaching the compliance process. Simply put, it involves looking beyond the immediate need to pass an audit and leveraging compliance to drive IT operational excellence.

Proactive compliance calls for deploying the right mix of tools and resources needed to deliver secure, high quality IT services. From a compliance and audit perspective, a more secure network allows organizations to anticipate and plan for compliance and audit needs well in advance resulting in minimal or no audit deficiencies. From a business perspective, the net result is better availability of the systems and data needed to run the business.

Changing this mindset from reactive to proactive is no small challenge. This paper examines how organizations can use a Capability Maturity Model to help drive this change. The paper explores how an organization can move from the lower levels of the model, where the focus is typically on process alignment and mechanisms for assessing risk to the higher levels where the needs of Compliance Managers and CISOs come together through a joint focus on data and system availability. Guidelines are provided for the kinds of solutions that can be put in place at each stage of the maturity model in order to meet compliance requirements while achieving operational excellence. Drawing on recent research from the IT Policy Compliance Group, the benefits of such operational excellence are examined. Finally, this paper highlights how one Fortune 500 company realized significant cost-savings in the areas of audit scoping, preparation and testing as it moved towards adopting a truly proactive approach to compliance.






BROWSE RELATED RESOURCES
CISOs | Compliance (Systems Operations) | Compliance Audits | Enterprise Resource Management | Enterprise Systems | Regulatory Compliance | Risk Assessment | Security Policies

View All Resources sponsored by Symantec Corporation

About TechTarget:

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines

All Rights Reserved, Copyright 2000 - 2014, TechTarget | Read our Privacy Statement