Regulatory Compliance Planning Guide

Section 1: Introduction

Published: June 14, 2006

The Regulatory Compliance Planning Guide is designed to help IT managers and Microsoft customers meet specific IT compliance obligations that directly relate to major regulations and standards. The guide introduces a framework-based approach that you can use as part of your efforts to comply with these regulations and standards. The guide also describes Microsoft products and technology solutions that you can use to implement a series of IT controls to help meet your regulatory obligations.

This guide is not a comprehensive resource on regulatory compliance for every organization. For answers to specific regulatory compliance questions that concern your organization, consult your legal counsel or auditor.

The introduction for this guide includes the following sections:

Executive Summary. This section provides a broad overview of the regulatory environment and the primary goals of the planning guide. It discusses what knowledge IT managers need so that they can then start to address their regulatory compliance requirements.

Who Should Read This Guide. This section describes the audience for this guide, its purpose and scope, and caveats and disclaimers about the limitations of this guidance.

Regulations and Standards. This section provides an overview of the five major regulations and standards that this guide discusses:

Sarbanes-Oxley Act (SOX)

Gramm-Leach-Bliley Act (GLBA)

Health Insurance Portability and Accountability Act (HIPAA)

European Union Data Protection Directive (EUDPD)

ISO 17799:2005 Code of Practice for Information Security Management (ISO 17799)

IT Controls. This section discusses the various types of IT controls, how these controls work in combination, and why they are important components that your organization can use to help meet its regulatory compliance obligations.

IT Audit Process. This section provides an overview of the IT audit process that auditors use to assess regulatory compliance for most organizations.

Business Drivers. This section discusses the business drivers for regulatory compliance, including the challenges of regulatory environment complexity, achieving and maintaining compliance, and the consequences of noncompliance. It also discusses opportunities to establish and improve processes, gain competitive advantage, and increase ROI for your organization through time and cost savings.


Top of pageTop of pagePrevious2 of 6Next