Corporate compliance tutorial

Data Management Corporate compliance tutorial:

Corporate compliance tutorial

Two words come to mind when the conversation turns to compliance: costly and confusing. But, let this tutorial be your corporate compliance resource, whether you want to learn about Sarbanes-Oxley compliance, healthcare (HIPAA), regulatory compliance or auditing. This tutorial covers corporate compliance issues from beginning to end.

  • Compliance and auditing

    IT auditor Matt Zerega defines the auditor's role in the enterprise. "In the simplest terms, IT auditors provide executive management with our independent assessment of the effectiveness of controls put into place to protect information, hard assets and people from potential damage. We help determine what areas of IT might need attention to reduce risk to levels that management finds acceptable. We don't, however, recommend how to fix any flaws we discover."

    Learn more: Compliance and auditing

  • Compliance in the Enterprise

    Why has regulatory compliance become such a prevalent concern for the enterprise? has an interesting take. "Perhaps because of an ever-increasing number of regulations and a fairly widespread lack of understanding about what is required for a company to be in compliance with new legislation. "

    Learn more: Compliance in the Enterprise

  • HIPAA - Healthcare compliance

    In April 2005, HIPAA Title II took effect. While some in the healthcare industry have been dealing with HIPAA since its passing in 1996, Title II brought the majority of the industry into the fold, including many of smaller and midsized enterprises Because of this, healthcare compliance spending on HIPAA is expected to exceed $3.7 billion for 2005, and account for 24% of total spending, according to a survey conducted by AMR Research last year. On average, companies that claim HIPAA compliance is there largest spending category will spend $2.2 million.

    Learn more: HIPAA - Healthcare compliance

  • Sarbanes-Oxley compliance

    Spending on Sarbanes-Oxley compliance will top $6 billion in 2006, on par with the $6.1 billion spent in 2005, according to a 2005 report from AMR Research Inc. But the emphasis is shifting, the Boston-based consulting firm found, with a greater percentage of the budget going to technology, as companies seek to automate and monitor the many controls required to comply with the 2002 federal act.

    Sarbanes-Oxley compliance is everyone's problem. According to, Sarbanes-Oxley is not a set of business practices and does not specify how a business should store records; rather, it defines which records are to be stored and for how long. And because the consequences for noncompliance are fines, imprisonment, or both, this legislation affects not only IT, but the financial and business sides as well, making it an enterprise-wide concern.

    Learn more: Sarbanes-Oxley compliance