Managing Multiple Compliance Requirements

Contact Akibia Sales

Multiple Regulations, Multiple Reports, a Single Managed Compliance Solution

In 1996 IT departments were only concerned with two mandates, but today there are over 200 and more than 2500 security controls associated with them. The cost, both in budget and time, associated with understanding, addressing and proving compliance with these ever expanding mandates is considerable. Because the requirements expand and change on a regular basis, the project of managing compliance is never complete, leaving CIOs and their IT departments constantly at risk of non-compliance.

Roche Bros., a grocery chain in New England, struggled with these issues, and turned to Akibia for a unique managed solution to the challenge. AssuredCompliance combines quarterly assessments, access to risk and compliance experts and regular updates and best practices delivered via an online portal.

Challenge

Roche Bros. needed to manage and maintain compliance with increasingly expanding regulations - from PCI, to HIPAA, to MA 201 CMR 17, to specific IIAS regulations governing Flex Spending Cards. Juggling the multiple compliance requirements made it difficult for the IT staff to prioritize projects and left little time for the team to think strategically about compliance and risk. Instead the company tackled a long list of mandated security steps, with less attention paid to the impact of these steps on security policy and overall goals.

By tackling the requirements one at a time, the company was achieving compliance - but at significant costs. In addition to the budget ramifications of multiple compliance initiatives, the IT staff was overburdened, spending too much time on compliance-related initiatives which prevented them from focusing on business process improvements and technology advancements that would increase sales, build upon strong customer loyalty and improve efficiency in the business.

“With so many requirements to manage and react to, we just did not have the time or expertise in house to step back and analyze our compliance strategy in order to be more methodical and efficient in our approach,” said John Lauderbach, vice president at Roche Bros.

Solution

Roche Bros. understood that managing the multiple requirements simultaneously would be a better, more cost effective approach, but like nearly all organizations, the team lacked the resources and expertise to do so. The grocery store turned to its trusted risk and compliance advisor Akibia, and its managed service, AssuredCompliance.

Akibia’s AssuredCompliance service provides clients with visibility into multiple compliance requirements via a single, integrated framework. It provides the following benefits to clients:

  • Identifies GAPS in current processes and suggests problems to address first based on risk mitigation.
  • Maps controls across multiple mandates to eliminate re-work and streamline compliance initiatives.
  • Provides on-going monitoring strategies to ensure the company maintains compliance.
  • Delivers quarterly compliance evaluations to track progress against changing regulations.
  • Documents compliance, providing proof for auditors and executives.
  • Training for the IT staff and business users regarding compliance mandates and best practices.

Access to an online Compliance Portal which includes historical documentation of compliance rules and mandates, alerts regarding required changes, question and answer sessions with qualified and certified compliance experts, and a best practice process library for addressing specific requirements.

Results

With Akibia’s AssuredCompliance Roche Bros. has a better understanding of compliance requirements, more confidence in their ability to adapt and address changing and expanding requirements, and a stronger reporting process to prove compliance. In addition, the company has been able to reassign IT focus to other business process and efficiency improvements.

“AssuredCompliance gives us reassurance that we are doing everything we can to comply with the many evolving regulations that impact our industry. Access to experts and best practices ensure our approach is accurate, and the assistance with reporting and proving compliance ensures our team is not tied down in administrative detail,” said Lauderbach.

About Akibia

Akibia provides innovative IT solutions that enable leading companies worldwide to optimize, secure, manage and support their mission-critical infrastructure. As an independent advisor, Akibia partners with our customers to deliver solutions that improve the availability, reliability and performance of their data center, network and security infrastructure. Combining expert consulting, integration and support services with world-class customer service, Akibia helps IT organizations reduce costs, increase efficiencies and manage risk in the data center. Founded in 1988, Akibia is an independent IT services company with offices throughout the United States and Europe.