As regulatory pressures continue to mount, the need for solutions which aid in complying grows in kind; after all, the cost of audits is high and the cost of failure even higher. Automating the collection and collation of the data required for these audits ensures consistency and efficiency and Policy Compliance Management (PCM) software is designed for just this purpose. Any regulated enterprise, especially those governed by more than one set of regulations, must investigate PCM and its benefits.
PCM 101
The singular purpose of PCM software is to assist an enterprise with demonstrating that it has achieved regulatory compliance. Though it may be tempting to compare PCM with Security Information Management (SIM) and Identity and Access Management (IAM) as a security management tool, to do so would be inappropriate. Those solutions are focused on security first and foremost and aid in achieving compliance only as a side benefit. This is not to say that PCM software is not capable or useful in setting and maintaining enterprise security; on the contrary, the establishing and enforcing of policy is a critical process in ensuring enterprise security. However, PCM's security management capabilities are definitely secondary to its intended purpose.