Checking for compliance

We talk a lot about compliance at Microsoft. We throw acronyms at you like SOX and HIPAA, and expect you to nod knowledgeably about how your company is complying with the compliance regulations. But you may not be. You may not be all that up to speed on what you need to do to comply with all of these compliance rules. Well, here's a collection of documents to get you started on the road to compliance and what you need to do. It's not as fierce or scary as you may think it is...

IT Audit Process 
By Bill Canning, Program Manager, Microsoft Corporation
Audits are a critical component of the regulatory compliance process. Understanding how the audit process works and how auditors operate is important because it informs IT managers how to establish an environment that is compliant and easy to audit. This tip focuses on how auditors conduct the IT audit process.

Regulatory Compliance Planning Guide 
The Regulatory Compliance Planning Guide is designed to help IT managers and Microsoft customers meet specific IT compliance obligations that directly relate to major regulations and standards. The guide introduces a framework-based approach that you can use as part of your efforts to comply with these regulations and standards. The guide also describes Microsoft products and technology solutions that you can use to implement a series of IT controls to help meet your regulatory obligations.

Regulatory Compliance Demystified: An Introduction to Compliance for Developers 
For a developer, understanding the issues around regulatory compliance can be a difficult and frustrating endeavour. This article makes sense of regulatory compliance from a developer's point of view. It examines Sarbanes-Oxley, HIPAA, and other regulations, and covers the most important best practices that are common across multiple pieces of legislation.

Regulatory Compliance and Security Updates 
Learn why organisations can and should bring their security and management teams into the process of building policies and procedures to support their regulatory compliance and provide system administrators with the flexibility necessary to meet threats as they arise.

Creating a Systemized Approach to Regulatory Compliance at Microsoft 
The purpose of this white paper is to share some of the processes and tools that the Microsoft IT group currently uses to systematize the approach of supporting regulatory compliance activities at Microsoft.

A great start - all in one place...

 

Published Monday, July 03, 2006 9:16 PM by Eileen_Brown

Comments

Tuesday, July 04, 2006 5:44 AM by james governor

# re: Checking for compliance

great to see this material. looks like i have some reading to do. we built a topology for solving compliance problems using horizontal services, and licensed it under a creative commons license. would love to know your thoughts.
http://www.redmonk.com/wiki/index.php/COA

Friday, July 07, 2006 9:21 AM by Robs Blog

# Microsoft and Compliance

Eileen has put together a few postings on her blog about Regulatory Compliance in organisations.
Here's...
