BindView Compliance Summit Panelists Agree Mandates Are Good for Business Despite the Complexities.WASHINGTON, D.C. -- BindView Event Featuring Arthur Levitt and Industry Experts Points to Reducing Costs and Positive Impacts of Regulations as Key Focus Areas BindView Corp. (Nasdaq:BVEW BVEW Binary View ), a global provider of proactive IT security compliance solutions, conducted a landmark "2005 State of Regulatory Compliance Summit" at the National Press Club in Washington yesterday, highlighting the tremendous costs and complexities of regulatory legislation, as well as positive business impacts. Panelists, including Arthur Levitt, former Chairman of the U.S. Securities and Exchange Commission, and audit and industry experts agreed that regulatory compliance is a critical element in the business landscape, and as such needs more executive attention in terms of process, automation, and cost reduction. "Sarbanes-Oxley was put in place during a very specific point in time ... and like any regulation it has unintended consequences," said Levitt. "I clearly believe that the legislation, which is far less extreme than many proposals coming from the Congress at the time, has been a very important protection for business itself and as a consequence for the investor community ... it's been well worth the cost which is being so heavily emphasized by those paying the freight ... reform is a process, not something that is accomplished and put behind us ... restoring trust is the greatest challenge in business today." Organizations continue to face, however, daunting daunt tr.v. daunt·ed, daunt·ing, daunts To abate the courage of; discourage. See Synonyms at dismay. [Middle English daunten, from Old French danter, from Latin challenges and complexities in the face of massive regulatory scrutiny. AMR Research estimates that compliance spending will exceed $80 billion over the next five years and $15.5 billion this year alone. "Companies have to balance compliance risk with other business priorities by instituting reasonable and appropriate controls," added BindView Chairman and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. Eric Pulaski. "But creating a defensible case for regulatory compliance is no small balancing act ... Multiply the number of mandates with the reporting systems required for each, and you have a mammoth set of requirements." Pulaski identified three practices that are necessary components in reducing compliance costs and achieving a return on investment:
1. Engaging in a new spirit of cooperation and integration among
the IT, information security, internal audit and risk
management or compliance groups within an IT organization,
potentially reorganizing to achieve this goal
2. Making a decision to achieve a return on investment from
regulatory compliance, rather than treating it as an obligation
3. Mapping multiple regulatory requirements to a common
process-oriented framework and implementing a set of technical
policies, controls and automation tools
These challenges and best practices extend well beyond Sarbanes Oxley to include HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, , GLBA, FERC, the FDA's CFR CFR See: Cost and Freight 21 Part 11, and many others. Commenting on the HIPAA regulations, John Parmigiani, former chairman of the Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when (HIPAA) Security Standards implementation team, noted, "Inculcating good business practices is key to compliance, and compliance is a critical success factor for driving business itself." Other panelists included Everett C. Johnson, international president of the Information Systems Audit and Control Association Information Systems Audit and Control Association (ISACA) is an international professional association for information system audit. ISACA is an affiliates member of IFAC[1] and IT Governance Institute. (ISACA (Information Systems Audit and Control Association, Rolling Meadows, IL, www.isaca.org) A membership association dedicated to information systems auditing and security. Founded as the EDP Auditors Association in 1969, ISACA provides certification in auditing and security (see CISA and CISM). ); Dave A. Richards, president of The Institute of Internal Auditors “IIA” redirects here. For IIA in decision theory, see Independence of irrelevant alternatives. Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association of more than 128,000 members with global headquarters in (IIA); James C. Foster James Clifford Foster is the chairman and chief executive officer of Charles River Laboratories, Inc., an international company that works on the drug discovery and development process. , Deputy Director, Global Security Solutions, with Computer Sciences Corporation (CSC); and panel moderator Steve Kahan, senior vice president of worldwide marketing for BindView. An archive of the summit webcast is available for review at: www.bindview.com/Events/GetEvents.cfm?NUM=1436&AD=WB-0719BVWashSummit -Q205. (Due to the length of this URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. , it may be necessary to copy and paste To copy files from one location to another or to copy text and images from one document to another. All modern operating systems and applications have a copy and paste capability that is typically selected from an Edit menu. See cut and paste and Win Copy between windows. this hyperlink into your Internet browser's URL address field. You may also need to remove an extra space in the URL if one exists.) About BindView BindView Corporation is a global provider of IT security compliance software. BindView solutions remove barriers that limit an organization's ability to cost effectively demonstrate due care and maintain compliance with IT security policies and regulatory mandates. BindView policy compliance; vulnerability and configuration management; and directory and access management software combines best-practices knowledge with automated controls to reduce risk and protect IT assets at the lowest cost across users, systems, applications and databases in multi-platform environments. More than 20 million licenses have shipped to 5,000 companies worldwide, spanning all major business segments and the public sector. Contact BindView via e-mail at info@bindview.com, on the web at http://www.bindview.com, and at 1-713-561-4000 or 1-800-749-8439. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion