NOTES: IT Strategy Series: What is IT Compliance?
Saturday, February 10th, 2007
March 8, 2007, 12:00 pm to 1:30 pm
I feel that our Roundtable session on Thursday, February 8th, 2007 went very well for all in attendance at the ITA. Part-1 of this 3-part series introduced the IT Community to the changing world of Regulatory Compliance, and how it impacts IT in each industry domestically and abroad.
Open Discussion in the group was focused on:
- What are the KEY Compliance Laws Affecting IT in the past, today and in the future? (HIPAA, GLBA, SOX, Privacy, SEC 17a-4, Info. Retention, Civil procedures, etc…)
- eDiscovery laws, keeping up with the infrastructures of your IT systems to support these laws
- Sarbanes-Oxley and other Financial regulatory laws, how implementing change to support them can make IT a stronger force in the corporate make-up.
- What is COSO and CobiT - and how are they used to Audit my IT Department?
- What does being Compliant MEAN for IT, and how do we know we are there?
- Frameworks and Methodologies used by IT, to structure and enforce internal controls throughout the organization to support those important systems and day-to-day business processes.
- There was much more discussion on resources used to research and implement solutions for these additional Regulatory tasks on IT, and also that the ITA will be hosting a BEST PRACTICES for POLICIES AND PROCEDURES in March, that will only reinforce these elements for IT and Corporate Management in the SMB markets.
To download a copy of the Presentation for your review, please use the following LINK: http://radiancompliance.org/ITA_20070208_IT_Compliance.pdf
- NOTE: This file is a PDF of the slides, and about 6.2MB in size.
I hope you can join us NEXT month for Part-2 of our IT Strategy Series: WHAT ARE INTERNAL CONTROLS? Discussion will focus on What are General Controls and IT Controls, how they impact the Compliance Processes, what you probably have in place to jump-start becoming compliant, and how to mitigate the risks and get good documentation to safeguard your department and business. Stay ‘tuned’ for more details to come! Next Roundtable is Thursday, March 8th, 2007 at 12:00 PM.
- Laurie Faith
Next in the IT Strategy Series
IT Strategy Series: IT Controls – Do I have them and where can I find them?
DATE: 03/08/2007 TIME: 12:00 – 1:30 p.m.
Building on a general understanding of IT Compliance, this second session in the strategy series narrows in on the identification of Risk within your IT department. Compliance is based on knowing your IT Controls and mitigating any risks to them. This session will define known IT controls (as accepted by governing bodies), explain common risks and their impacts, and introduce some known IT Frameworks (ITIL, CobiT, ISO). It will also give a high-level mapping of known controls to SOX and show how IT Controls align to other compliance laws (ECM, Privacy Laws, Data Recovery).