One of my favorite Microsoft sites to browse through is the IT Showcase by our own IT department (MS IT). On Friday, MS IT published a new download you might find useful, "Creating a Systemized Approach to Regulatory Compliance at Microsoft", which contains two whitepapers on how Microsoft is streamlining regulatory compliance.
All companies face legal and regulatory challenges in information security, privacy, reliability, and business integrity. These often require major changes to systems and processes that can be expensive and time-consuming. To deal with the complexity of such compliance programs as SOX, HIPAA, and PCI, Microsoft needed to develop an overall regulatory compliance framework that could address current regulations as well as support future regulations. The goal was to create a long-term, holistic strategy for compliance rather than creating ad-hoc processes and tools to address specific requirements.
Microsoft ended up merging some regulatory controls across multiple compliance programs to avoid duplication of effort, and created processes for ensuring accountability. These are some of the best practices identified in the two whitepapers:
Be sure to read both whitepapers in this download for more best practices!
- Andrea Weiss