IT Compliance Institute Launches Unified Compliance Project
Groundbreaking initiative offers broad-based alignment of over 60 regulations and standards; deconstructs complex requirements into consolidated IT compliance view
Seattle, WA, USA (July 11, 2005) -- Today, the IT Compliance Institute, an objective global authority on the role of technology in regulatory compliance, announced the launch of its Unified Compliance Project (UCP). The project represents the first independent initiative to exclusively support IT compliance management by revealing the overlap between complex regulatory requirements.
The Unified Compliance Project deconstructs the requirements of convoluted corporate regulations -- including Sarbanes-Oxley, Basel II, HIPAA, and Gramm-Leach-Bliley -- and presents them as a holistic IT compliance view. By helping companies to look past narrow project goals to see objective commonalities across compliance efforts, the Unified Compliance Project supports a strategic approach to reducing compliance costs, limiting liabilities, and maximizing the value of investments in compliance-related technologies and services.
“To reduce IT costs and make smart investments in sustainable compliance efforts, companies need to gain a unified view of their total compliance burdens,” says Cass Brewer, editorial and research director at the IT Compliance Institute.
“When companies understand where requirements for information security, records management, and other IT goals align, they can more easily leverage technology solutions and services across multiple compliance efforts, corporate divisions, and business systems. The Unified Compliance Project gives companies the basic information they need to identify such efficiency ‘sweet spots.’ At an atomic level, it reveals the alignment of regulatory requirements and governance standards with specific IT control objectives. Further, it frames this alignment in terms of technology impact areas that hold broad business significance.”
The Unified Compliance Project breaks down regulatory and standards requirements into twelve critical IT Impact Zones. These include: leadership and high level objectives; audit and risk management; design and implementation; systems acquisition; operational management; it staff management and outsourcing; records management; technical security; physical security; systems continuity; monitoring, measurement and reporting; and privacy.
Each IT Impact Zone features:
IT control objectives mapped to over 60 standards and regulations
Query functionality to identify what types of control objectives are required for multiple sets of regulations and standards
Original articles, related news, and white papers
Information on leading technology solutions
“The Unified Compliance Project represents another critical addition to the IT Compliance Institute’s portfolio of information resources. It supports the IT Compliance Institute’s primary mission to provide a comprehensive resource for IT compliance management dealing with the challenges posed by today's regulatory environment,” said Meighan Berberich, general manager of the IT Compliance Institute.
The Unified Compliance Project represents a cooperative research and development effort by the IT Compliance Institute and Network Frontiers, a compliance expert and consultancy. Network Frontiers engaged in a massive investigation to reveal the overlap in standards and regulations.
“In the last four years, we have seen an amazing trend where IT 'best practices' are now required policies and procedures,” said Dorian Cougias, CEO of Network Frontiers. “It all began with a call to action in regulations and standards coming from every vertical market, healthcare to finance, retail to energy, not to mention every branch of government. While all this is good, it is still terribly frustrating to comply with numerous regulations over and over. The objective of The Unified Compliance Project is to address the cry for help, from the server closet to the board room, by simplifying the compliance conundrum where single IT control objectives can be addressed to satisfy multiple regulations.”
For more information on the Unified Compliance Project, visit: http://www.itcinstitute.com/ucp/index.aspx.
About the IT Compliance Institute
The IT Compliance Institute (ITCi) strives to be a global authority on the role of technology in business governance and regulatory compliance. Through comprehensive education, research, and analysis related to emerging government statutes and affected business and technology practices, we help organizations overcome the challenges posed by today's regulatory environment and find new ways to turn compliance efforts into capital opportunities. For more information, please visit http://www.itcinstitute.com.
About 101communications LLC
ITCi is a division of 101communications LLC, an integrated media company aimed at specialized targets within the information technology community. 101's portfolio includes The Data Warehousing Institute (TDWI), in addition to nine magazines, more than 40 conferences, and extensive digital offerings in the United States and Europe. For more information on 101communications, visit http://www.101com.com.
About Network Frontiers
Network Frontiers, formed in 1991, offers network design and disaster recovery services, regulatory compliance consulting, and market research and technical writing for clients such as Symantec, Quantum, Liebert, VeriCenter, MessageOne, and the hospitality industry in conjunction with the University of Delaware. Authors of the internationally acclaimed and award-winning The Backup Book: Disaster Recovery from Desktop to Data Center and the soon-to-be-released The Compliance Book. For more information, please visit http://www.netfrontiers.com.