AKIBIA'S PRACTICAL GUIDE TO ENTERPRISE TECHNOLOGY
Thursday, September 30, 2010
Too Many Requirements; How One VP of IT Handles It
In 1996, IT departments were concerned with only two mandates, but today there are over 200, with more than 2500 security controls associated with them. The cost, in both budget and time, of understanding, addressing and proving compliance with these ever-expanding mandates is considerable. Because requirements expand and change on a regular basis, the project of managing compliance is never complete, leaving CIOs and their IT departments constantly at risk of non-compliance. John Lauderbach, the vice president of IT at Roche Bros., recently presented to his peers his solution for staying on top of compliance.
As a major retailer in Massachusetts, Roche Bros. needed to manage and maintain compliance with continually expanding regulations - from PCI, to HIPAA, to MA 201 CMR 17, to specific IIAS regulations governing Flex Spending Cards. John knew that by tackling the requirements one at a time he would eventually achieve compliance, only to have a regulation change and begin the cycle all over again. He needed a better way to manage compliance, a process that was more proactive, a solution to reduce risk by outsourcing some core functions, and a way to ensure the company stayed on top of changes.
John found his solution with a managed service from Akibia that leverages people, process and technology to reduce risks associated with compliance. Roche Bros. now has a better understanding of compliance requirements, more confidence in their ability to adapt and address changing and expanding requirements, and a stronger reporting process to prove compliance. In addition, the company has been able to reassign IT focus to other business process and efficiency improvements.
How do you manage compliance?
To read the case study John presented, go here.
