White Papers for Basel II Capital Accord (Basel II)
Leveraging Regulatory Compliance Investments to Add Business Value
Dozens of laws, regulations, and industry standards worldwide have made doing business on a global scale more complex than ever. Companies such as yours must comply with pertinent government mandates for each country and locality in which they conduct business, making them subject to multiple laws, even if they operate in a limited geographical area. In addition, certain industries, such as the payment card industry, impose security standards with which compliance is necessary to do business. Achieving compliance presents a formidable challenge and requires a signifi cant investment in people, processes, and technology.
Because of the integral role information technology (IT) plays in business processes, establishing the proper IT controls is paramount to achieving and maintaining compliance. To ensure that these controls are effective, you must establish a comprehensive complement of IT processes that are based on best practices. In addition, because of the complexity of IT infrastructures and the stringent requirements set by the regulations, you need to deploy systems-based solutions to enforce and automate these IT processes. Manual controls are far too cumbersome, error prone, and difficult to audit.
While laws vary from one country and locality to another, and security standards vary across industries, most have commonalities with respect to IT controls. Consequently, you can leverage the technology investment you make to achieve compliance across multiple sets of regulations. Better still, you can further leverage that investment to generate value well beyond regulatory compliance. This includes gaining additional benefi ts such as improving IT service quality while lowering IT costs.
This paper focuses on compliance from the standpoint of the IT organization.
• It examines some of the laws and security standards in force worldwide and discusses their commonalities from an IT control perspective.
• It explains how the Control Objectives for Information and related Technology (COBIT) IT control framework provides a strong foundation for achieving compliance with multiple regulations.
• It describes the IT Infrastructure Library (ITIL®) framework and how you can use it to establish IT processes that not only help you achieve and demonstrate compliance, but also enable your IT organization to help drive business goals.
• Finally, the paper identifies criteria to help you evaluate systems-based solutions for supporting and leveraging your compliance efforts.
View the White Paper
Share or bookmarklet this web page at: