Abstract

One of the biggest changes to affect the IT industry over the past few years has been the concern for compliance with a variety of regulations and legislation. “Compliance” is a broad term that can carry a lot of meanings. This chapter presents some important compliance regulations. The goal here is to provide a brief overview of the rules and regulations; one can then either pursue further information or decide that the issue does not pertain to one's company. For ITers, the biggest impact of the rules and regulations of compliance generally relates to controlling, securing, and managing data. This is no small issue; making data flow from one place to another is hard, and making it flow only to certain places and not to others is even harder. The next sections present some of the more impactful guidelines under which many organizations and IT departments have to operate. This chapter isn't intended to be a how-to guide for ensuring compliance, but to make the new IT Manager aware of the various issues and their importance. There are some common practices that can help get one where one needs to be: document the policies, identify control mechanism(s), educate the employees, and maintain evidence. Each practice is discussed in more detail in this section. In terms of effort, compliance is at best a burden, and at worst an enormous waste of time and resources. In light of all the activity surrounding compliance, one should be aware of a number of methodologies, frameworks, and processes developed by third parties. While this chapter provides a taste of the world of IT compliance, as required by various legislation, there are other “compliance” activities outside of enacted statutes.
