I’ve previously blogged about Triumfant, a company that has mastered the automated detection and resolution of IT problems. I also think of them as the world’s greatest compliance monitoring capability. What do I mean by compliance? I mean compliance in the context of the many rules, regulations and configurations that external organizations and the government require, and also compliance with your own policies and guidance.
For those who are not familiar with the full scope of compliance issues, a great source is the site of the IT Compliance Institute. Their goal is to be a global authority on the role of technology in business governance and regulatory compliance. That means they are driven to seek out regulations, understand the requirements for compliance, and then help determine the best way to automate that compliance.
The site holds several white papers and checklists on topics like IT Audit, Risk Management, keeping up SOX compliance, Change Management, Logging, Reporting, and Security. These papers seem to be good primers for any CTO or other enterprise technologist who needs to understand this domain.
Here are some other thoughts on compliance:
- During my time as a CTO of a DoD Agency, I noticed a shift in how federal organizations perceived compliance. Federal organizations are all about compliance, and have long followed mandates like the Clinger-Cohen Act, FISMA, the many Enterprise Architecture requirements (like DoDAF or FEA), and a wide variety of other requirements. But most federal organizations did not treat compliance as a way to optimize delivery of IT capabilities to users. And most federal organizations did not have to comply with many of the regulations being levied on industry (like SOX, for example). That is all changing.
- More recently, IT professionals began to see compliance and the need for automated control of systems as a way of not just complying with regulation and reporting requirements, but also of ensuring uptime, helping speed delivery of new software deployments, helping reduce IT admin costs, and helping with the overall ability to support the mission. Added to this new awareness of the importance of compliance is the recent shift in federal policy towards having agencies produce financial audits and IT auditing requirements to the same standards as the commercial sector.
There are more shifts in compliance underway in the federal space, including a new Federal Desktop Core Configuration (FDCC). I see all this compliance as a good thing that should be executed in a way that enhances uptime, enhances security, and enhances the delivery of capability to end users.
For more on compliance, see my previous post: http://ctovision.com/2008/07/automated-resolution-of-it-problems/
For more on Triumfant, see: http://triumfant.com


