IT Compliance Articles Keeping Score in the IT Compliance Game
|
Companies of all sizes are
wrestling with the issue of IT compliance. From government mandates
such as the Sarbanes-Oxley Act of 2002 to meeting quality guidelines
such as COBIT (control objectives for information and related
technology) and ITIL (IT infrastructure library), organizations are
learning to adapt their software development process so that it becomes
a true business process that can be tracked, measured, repeated, and
cost controlled. Even small private organizations that are not driven
by government mandates are striving to reach IT compliance standards as
they relate to cutting IT costs by eliminating ad hoc and nonrepeatable
activities, improving software quality through metrics and
measurements, and reining in the risk associated with releasing
software applications to a production environment.
Compliance in a NutshellCompanies of all sizes are wrestling with the issue of IT compliance. From government mandates such as the Sarbanes-Oxley Act of 2002 to meeting quality guidelines such as COBIT (control objectives for information and related technology) and ITIL (IT infrastructure library), organizations are learning to adapt their software development process so that it becomes a true business process that can be tracked, measured, repeated, and cost controlled. Even small private organizations that are not driven by government mandates are striving to reach IT compliance standards as they relate to cutting IT costs by eliminating ad hoc and nonrepeatable activities, improving software quality through metrics and measurements, and reining in the risk associated with releasing software applications to a production environment. The trend toward IT compliance is really a way for upper management to say that software development must be managed in the same way as other departments, standardized, and repeatable. IT compliance really means that delivering business software solutions is no longer seen as a mystical activity performed by a few really technical people, but instead is viewed as a business process that must be carefully monitored, audited, and controlled to maximize the overall benefits of business automation. Achieving developer acceptance of standardized procedures for managing applications from development to release is one of the largest hurdles facing organizations today. Establishing a standardized development-to-release workflow, often referred to as the ALM (application lifecycle management) process, is particularly critical for organizations in their efforts to meet tough IT compliance mandates. This is much easier said than done, as different development teams have created their own unique procedures that are undocumented, unclear, and nontraceable. Achieving 100 percent compliance from all development teams requires that the ALM team clearly communicate the levels of compliance to the developers and clearly communicate to upper management which development teams are and are not in compliance. Keeping track of the game using a simple “compliance scorecard” can do the job. [Read More]
Set as favorite
Bookmark
Email this
Hits: 1454 Trackback(0)Comments (0)
|
TrackBack URI for this entry
Subscribe to this comment's feed