The word ‘compliance’ has come a long way in the English dictionary. It might have started as yet another addition to the vocabulary, but little would the people who coined it have foreseen the image it conjures up now.
SOX, HIPAA, PCI, FISMA, GLBA… and considering the probability of future Enrons, this list is only expected to grow. However, since many organizations have taken active steps to adhere to the compliance rules, transactions on the web have become a lot safer than they used to be! Companies will surely not want to take the risk of being non-compliant… not if they have to face dire consequences!
You’ll have to face those dubious ‘CNN moments,’ where you’ll need to parade in front of the camera for the whole nation to scorn you. As a consequence, you’ll lose a large chunk of your customers – who’ll want to project themselves as victims of fraud?! If you are a larger organization, the impact is even worse – the shareholders pull out as their value drops. This will, in the worst case, mean an abrupt closing of your business! Non-compliance triggers a domino effect of events that never seems to stop!
Additionally, there are consequences (of relatively less intensity) like paying thousands of dollars in penalties and having a tough time fighting the Government to safeguard your dignity (and that too… by paying a lawyer!), or even worse, ending up in prison!
Amidst all of the above, be assured that being compliant and establishing compliance are not as difficult as the consequences make them seem… not if compliance becomes an everyday activity rather than a one-time task! If all access logs and financial data are maintained and audited regularly, there’s no need to ‘comply’ all of a sudden! It’s just there when you need it! Compliance is more like a set of rules that streamline the financial audit process and strengthen data security. It may seem that, as long as it is not caught red-handed, things go well for the organization… but it’s always safer and better to be compliant, because it ultimately boils down to data security!
Now comes the really achy part: establishing compliance, a situation more like ‘Water, water all around, and not a drop to drink.’ If you’ve been compliant all year long and you need to establish compliance, all you need is comprehensive software that will collate the data and generate neat reports that establish compliance. There are tools that cater to specific compliance requirements, and also ones that deal with everything – SOX, HIPAA, PCI, GLBA and FISMA!
Throw away all your compliance woes, folks! There’s nothing to it beyond being diligent in maintaining your financial records and being able to prove you’ve done so!