locked
PDF Download: Benefits of Regulatory Requirements with respect to Business Optimization - An IT-Infrastructure Compliance Maturity Model for Management, Compliance and IT Stakeholders RRS feed

  • General discussion

  • Microsoft Germany (Author: Michael Kranawetter (Xing-Profile)) published in cooperation with Experton Group a whitepaper, in English language and as well in German language: Benefits of Regulatory Requirements with respect to Business Optimization - An IT-Infrastructure Compliance Maturity Model for Management, Compliance and IT Stakeholders
    This document describes an approach that – like the Pareto principle – takes the phenomenon of distribution of effort into account. Keeping track of the fundamental issues and focusing on solving those takes us far closer to our goal – compliance. The focus here will be on aspects of infrastructure compliance, which are naturally very closely linked to the topics of availability, trust, and integrity, and thus build a bridge to information security. Does this mean that the document is for security experts only? On the contrary: At the end of the day, the aim is to create a communications basis for mutual understanding that allows the reader to gain a foothold in the field of compliance at various levels and from various viewpoints using a variety of approaches. The document can be read by managers, technical decision makers and IT experts alike. Start where you feel most at home.

    You could find the PDF-Document in this Blog-Article: Download: Issue: IT-Compliance [PDF Deutsch / English]
    Furthermore, you could switch the language with the Microsoft Translator Widget on the site.
    But sure, you could scrolling down and you will find at the end of the site the englisch Download-Hyperlink.

    Best wishes,
    Kay


    http://www.giza-blog.de/
    Sunday, June 28, 2009 2:47 PM

All replies

  • Thanks for the article Kay. I've made this one a sticky.

    This really tells the story of how a technical decision maker, manager, or IT professional can orient themselves to compliance topics, show relevance, and improve the organization's maturity through compliance efforts. The whitepaper captures the complexity of the topic. It is a great read, and I highly recommend it.

    "What compliance means, in a nutshell, is adhering to pertinent legal and regulatory imperatives and prohibitions. However, this view ignores the enormous complexity of the challenge that enterprises face in dealing with compliance today, particularly in the context of IT deployment. It starts with the question of pertinent jurisdiction; after all, if you do not know what is expected of you, you can‘t fulfill the expectations. Although this sounds simple, it is typically the first major problem in daily business: Correctly identifying actual and pertinent legal and regulatory requirements for an enterprise is highly complex and it takes just as much legal and technical expertise as it does insider knowledge of the industry."

    "People who not only know what is expected of them, and what tangible benefits this offers, but also what is likely to happen if worst comes to worst, are likely to find it far easier to plan the next steps and establish compliant and audit-proof IT. However, the first and at the same time most difficult step is that of actually concerning oneself with the topic in a serious way. The white paper that you now hold in your hands provides an excellent basis for this. I sincerely hope that you benefit from reading it, and that it in turn helps you to successfully plan your IT compliance structures and strategies."

    English PDF Link: http://www.giza-blog.de/content/binary/IT-Infrastructure_Compliance_Maturity_Model_Microsoft_Kranawetter_EN.pdf

    Jeffrey Miller
    SAT SA-SC
    Microsoft
    Wednesday, July 15, 2009 3:56 PM