IT Governance, Risk, and Compliance

Apr 28 2013   12:08PM GMT

Revisiting the Safeguarding of Information Assets – Part XI

Robert Davis Robert Davis Profile: Robert Davis

As long as multiple regulatory agencies have government supported agendas, variances can exist that induce comprehensive legal compliance reviews. Primary to multiple decrees control is a thorough analysis of what is required and ensuring quality documentation supporting legal compliance efforts. For example, prerequisite evidentiary requirements may insist on a recorded compliance methodology to justify reducing expected judicial sentencing.

Managements response to applicable laws and regulations vary based on legal, operational and technological alignment interpretations.  However, an entity’s ISG legal compliance system should include:

  • Risk assessments
  • Appropriate authority
  • Adequate resource allocations
  • Policies to prevent or detect illegal acts
  • Standards to prevent or detect illegal acts
  • Procedures to prevent or detect illegal acts
  • Personnel screening correlated to program goals
  • Program training at all employee levels
  • Non-retaliatory internal reporting systems
  • Incentives to motivate employee compliance
  • Discipline to promote employee compliance
  • Responsibilities assignments at all employee levels
  • Program effectiveness audits, monitoring, evaluations and reporting
  • Incidence prevention procedures deployment for similar repeat violations
  • Incidence response procedures deployment for equivalent repeat violations


Apgar, Chris. “Complying with multiple regulations and contending with conflicts.”, September 6, 2005.,289483,sid3_gci1122854,00.html (accessed April 21, 2008).

U.S. Sentencing Commission. “Chapter 8 – Part B – Remedying Harm from Criminal  Conduct, and Effective Compliance and Ethics Program §8b2.1.” In Federal Sentencing Guidelines for Organizations. Washington, DC: Government Printing Office, 2007. (accessed May 7, 2008).

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: