Introduction to the Guide
Published: June 14, 2006

IT professionals who must ensure regulatory compliance for the IT systems of the organizations in which they work can be in a difficult position. Most regulations do not clearly state what is required from an IT perspective. Moreover, often many different regulations apply to a given organization. Unclear requirements and regulatory complexity make it hard for IT managers to know what they need to do to meet their compliance goals. And because the consequences of noncompliance can be quite severe, including fines and even jail time for egregious offences, many IT managers are understandably apprehensive about this important subject.

To help address these needs, Microsoft has created the Regulatory Compliance Planning Guide. The guide is designed to help IT professionals and others interested in regulatory compliance in a number of ways. Specifically, the guide:
The guide was developed, reviewed, and approved by a team of authoritative experts in IT controls and regulatory compliance. This guide and other security guidance topics are available at the Security Center at www.microsoft.com/security/guidance. Please send questions or feedback about this guide to secwish@microsoft.com.

The guide comprises four sections. This section introduces the Regulatory Compliance Planning Guide and provides a brief overview of the other sections in the guide. This section also contains:
Framework-Based Regulatory Compliance
This section introduces the concept of a framework-based approach to address regulations and standards related to IT controls and privacy.

Mapping Regulations to Technology Solutions
This section describes how the regulations drive specific IT control requirements, based on the framework-based approach discussed in the previous section. In addition, this section presents specific technologies that you can use to help address regulatory requirements.

Technology Solutions for Regulatory Compliance
This section provides information about various technology solutions from Microsoft that can help address your organization’s regulatory compliance obligations.

This section acknowledges those individuals who helped create this planning guide.