BLOG

Managing Compliance in the Operations Environment

September 27, 2010 by Joe Cudby

 

Compliance in the operations world is usually driven by some combination of acronyms and the technical and operational requirements they imply. In the government space, it may mean FISMA, DIACAP; and in the commercial space, we are most familiar with PCI, HIPAA, SOX. In an environment such as Carpathia Hosting where we have a wide variety of both commercial and federal customers, our operations organization has to be able to support our clients compliance requirements, whatever acronym they have to use.

In our experience - as confusing as meeting a single acronym can be - running an organization that has to meet and understand all of them presents a distinct set of challenges that we have worked to overcome.  I’ve outlined some of these challenges below.

Ineffective and inefficient processes.

Much of the work related to compliance should be routine and ingrained into the culture of the organization. This is where effective and efficient processes are critical. Complicated steps, or poor documentation, can lead to missteps and can cause unnecessary work for teams and auditors, forcing them to play “catch up”.  Carpathia has spent the past 10 years refining our processes, which translates into much more efficient audits, often allowing auditors to complete their work in a matter of hours rather than weeks.

Poor communication of roles and responsibilities, internally and externally

Processes that encourage communication in clear terms are critical to meeting compliance requirements. Where teams are uncertain of their role in compliance, unclear on how to hand off information to other teams, and uncertain of customer requirements, there are bound to be items that get missed, causing poor audit results and potentially the loss of ATO, fines or even imprisonment. At Carpathia, we have developed clear roles and responsibilities, as well as efficient internal handoffs. In addition, frequent and structured communication with our clients has allowed us to clearly provide our customers with the information, reporting, and data they need to successfully meet their requirements

Poor or incomplete tool set

Tools that facilitate process and communication are vital to supporting the compliance effort. Poor integration of disparate tools will lead to confusion, wasted time and potentially missing critical data. As systems become more and more complex, data requirements are constantly changing, usually forcing new data points to be captured, stored and reported against. At Carpathia, we have a clear strategy to buy best of breed tools where possible, and build where there is nothing that provides the data and integration our customers demand.

If appropriate investments are made in process, communication and tools, much of compliance can become second nature. Here at Carpathia, we’ve made those investments throughout our operations organization over the past 10 years so our customers don’t have to.

[ Authors ]

[ Archives ]

Archives

Write a comment

  • Required fields are marked with *.

If you have trouble reading the code, click on the code itself to generate a new random code.
 
Showing comments 1 to 4 of 23 | Next | Last
fxydvjzhok
Posts: 23
Comment
VndksbFvwcnrGkyWMNj
Reply #23 on : Mon January 14, 2013, 06:31:44
u0nkFy <a href="http://upkfytgczuee.com/">upkfytgczuee</a>
dmbghrrxqb
Posts: 23
Comment
LLfCVqOXzEW
Reply #22 on : Sun January 13, 2013, 21:03:48
LWXOna , [url=http://uzjmgzgkrjtv.com/]uzjmgzgkrjtv[/url], [link=http://gwjspqnlqhes.com/]gwjspqnlqhes[/link], http://zmenbudbehrl.com/
Tomomi
Posts: 23
Comment
aQXwiHJibKBrNwq
Reply #21 on : Sat January 12, 2013, 05:54:21
???????, ????? ??????? ????! ????? ?????????????. ? ? ?????? ? ??? ????? ???????? ??? ????, ????????? ???????????? ??? ???? ???????. ? ??, ??? ? ?? ????, ? ??? ? ?? ?????. ???????:? ?????? ???? ??????, ??-???? ???? ????, ?????????????? ? "??????????????? ?? ????????". ? ??? ? ?? ????? ??? ??? ????? ? ??? "complexity arrise from the silpme rules". ???? ????? ?? ?????????? ???? ??????? ? ????? (c?. ????? ????????? ????).? ??????? ? ????????? ????? ???? ???? ?? "???????????? ???????". ??? ???????? ??????? ????, ??? ?????? ???????????, ????? ?????????, ??? ????? ??????????? ???????. ? ???????????? ??? ????????? ?? ??? ??? ?????.? ????? ????? ??????????? ????????. ??????? ??? ???????. ???????????? ?? ???? ????????????.? ?????? ????? ???? ???? ?? ???????? ?? ??????? ? ?? . ??????? ?????? ? ?? ???????.
Sunil
Posts: 23
Comment
HOEpoSqDvcwGpCuAmXp
Reply #20 on : Sat January 12, 2013, 05:42:48
Wow My cock hurts after finding your sites. The blogs are a good idea. Where in the world of porno do we have a fbeedack mechanism. And if someone does, is there someone at the other end who cares.
Showing comments 1 to 4 of 23 | Next | Last
   
engage
twitter facebook linkedin
connect
facebook share twitter share linkedin stumble digg delicious reddit mail