Compliance efforts vary across industries and apply differently to enterprises, depending on organizational size, structure, and complexity of the IT environment. These compliance needs may be driven by government legislation, corporate initiatives, or related businesses that require their partners adhere to industry standards.
Regardless of the drivers behind compliance, one particular need remains common to all IT departments faced with a compliance challenge: to demonstrate compliance to auditors, executive management, and stakeholders. When word comes down to the IT department of emerging (or changing) compliance needs, it drives a reactive IT response. This response can be broken down into three steps:
- Identify Impact of Compliance
- Prioritize and Plan
- Report on Compliance Efforts
Tools included in this bundle:
- Change Communication Worksheet
- Compliance Impact Assessment
- Compliance Portfolio Tracking Tool
- Federal Rules of Civil Readiness Assessment
- Gramm-Leach-Bliley Act Security Assessment Checklist
- HIPAA Security Assessment Checklist
- Internal Control Identification Tool
- PCI Security Assessment Checklist
- Policy Assessment Tool
- Project Status and Cost Report Tool
- SOX Compliance Assessment
- Work Plan Template