Step by Step to Compliance-conformity in IT
Background: Courts Demand Stricter Compliance with Rules
The European Union (EU) has now adopted a guideline which is intended to fulfill the same purpose in Europe as its counterpart,
the Sarbanes-Oxley Act (SOX), fulfills in the USA. The EU’s members are required to implement “EuroSOX,” the 8th EU guideline,
in their national laws by June 29, 2008. Among its other stipulations, this new guideline prescribes that enterprises whose
shares are traded on stock markets, as well as other enterprises of public interest, must create and assure the effectiveness
of internal control systems and, if applicable, internal review and risk-management systems.
IT currently forms the basis for the majority of business processes in enterprises, so IT is strongly affected by the 8th EU
guideline and by other existing guidelines and laws such as the Bundesdatenschutzgesetz (German Federal Data-Protection Law),
GDPdU, KonTraG, etc. Providers of solutions in the fields of risk management and compliance have repeatedly pointed out
that management and supervisory boards can potentially be held personally liable. Many people, however, may not yet be aware
that verdicts have already been handed down on the basis of these legal foundations.
A central issue in assuring compliance is knowing who has access to which information in a business’s network. Nearly every guideline
ultimately requires proof and complete documentation of access rights and of the processes for granting such rights.
Many people tasked with IT responsibilities are aware that their businesses are not adequately equipped to comply with existing
requirements. They’re under pressure to comply, so they’re grateful for a provider who can offer a methodical approach to the gradual
buildup of a management solution for users, identity data, rights and resources which consistently implements compliance requirements.
They’re also grateful for a provider who can offer corresponding tools for rapid compliance and for the minimization of risks posed
by these urgent problems.