An IT compliance management program computer science homework help

Discussion response needed, needs to seem like a dialogue:

An IT compliance management program is important for any business, especially those that must abide by federal, state, and local laws and regulations. If I were a CIO, I would make sure each policy has a detailed section on how compliance is enforced, as well as ensure each has followed required laws or regulations. I would also focus on Access Controls for all users, as well as training. Access Controls would manage who has access to what information, as well as password policies. Employees would be trained on these policies, as well as whatever laws and regulations needed to be followed. I would form a compliance team, if possible, to monitor policy and regulation compliance. Additionally, I would perform a Gap analysis and regular audits of the system.

The two main regulations that impact the organization are the Sarbanes-Oxley Act of 2002, and the Gramm-Leach-Bliley Act. The Sarbanes-Oxley Act was designed to, “protect investors from the possibility of fraudulent accounting activities by corporations,” in order to, “prevent accounting fraud” (Investopedia, n.d.). The Gramm-Leach-Bliley Act requires organizations that handle financial products or services to, “explain their information-sharing practices to their customers and to safeguard sensitive data” (FTC, n.d.). Both of these regulations would be required for this company.

I would consider using a compliance tool. I believe to fully monitor the organization, a tool would be incredibly useful, and eliminate human error. As CIO, I would choose the MetricStream IT Compliance Management App. This program can monitor compliance with company policies, as well as federal guidelines, and can help the organization stay up to date with regulatory changes. The program, “scales across the enterprise, streamlining and automating IT compliance workflows, while consolidating compliance and controls data in a central repository” (MetricStream, 2016). By using an automated compliance tool, the company can ensure the effectiveness and validation of controls.

Investopedia. (n.d.). Sarbanes-Oxley Act Of 2002 – SOX. Retrieved November 10, 2016 from http://www.investopedia.com/terms/s/sarbanesoxleyact.asp

FTC. (n.d.). Gramm-Leach-Bliley Act. Retrieved November 10, 2016 from https://www.ftc.gov/tips-advice/business-center/privacy-and-security/gramm-leach-bliley-act

MetricStream. (2016). IT Compliance Management App. Retrieved November 11, 2016 from http://www.metricstream.com/apps/it-compliance-management.htm?Channel=Google_PPC&utm_campaign=IT_Compliance_Management_NA&adgroup=IT_Compliance_Management&keyword=It%20Compliance%20Management&gclid=CN73sISXodACFVlMDQodzz4E2g

Rasmussen, M. (2006, Mar 1). 7 Steps to a Highly Effective IT Compliance Program. Internal Auditor. Retrieved November 10, 2016 from https://iaonline.theiia.org/7-steps-to-a-highly-effective-it-compliance-program
