Management Information Systems
I.T Compliance Plan
By Team 18
Table of content
Introduction
Purpose of I.T compliance
I.T compliance in various fields
Planning
Development of I.T compliance
Implementation of I.T compliance
Pros & Cons of I.T compliance
Conclusion
Reference All team members
Introduction
Compliance can simply be defined as “following a set of rules”.
I.T professionals working for regulated and non-regulated industry should ensure compliance standards.
A compliance is a set of rules and regulation given by the government agency to be followed in different industrial sectors of an organization
It is a formal system which helps every organization to maintain the integrity and federal regulatory standards.
Purpose of I.T compliance
Security standards
Quality standards
Operation in accordance to the standards
Honesty and integrity of organization
Create ethics
Early intervention of defects or flaws
Corrective actions
Preventive actions
I.T compliance in Various Field
I.T compliance standard mostly include FDA regulation, CFR, Sarbanes oxyle , etc which are applicable for various industries.
GCP, GDP, GxP, GMP
Healthcare industry
Pharmaceutical Industry
Financial Industry
Banking Industry
Planning
Planning is one of the important role and a critical part, as it requires involvement of all the stakeholders of the organization to estimate the budget, time line, resources and project goal.
Roles and responsibilities
Risk Management
Risk Life cycle
Change Life cycle
Development & Implementation
Every phase of the development life cycle should be documented to maintain the compliance and audit purpose.
Determining the level of access
Identifying Gaps in the process
Audit management
Compliance training modules
Corrective and preventive action implementation
Business continuity process
Disaster recovery policy and standards
Pros & Cons of I.T compliance
Pros:
Regularly maintain the compliance standards improves the quality and efficiency of the process for the delivery of a project or product.
Maintaining the License by following standards
Cons:
Requires lot of training
Regular update is required to meet the current standard.
Conclusion
Key Take away
Every industry has their own methods in following the compliance to meet the government and federal requirement.
Regular update is required to stay complaint
Risk management process
Future of compliance
References
Chen, Y., Ramamurthy, K., & Wen, K.-W. (2012). Organizations Information Security Policy Compliance: Stick or Carrot Approach? Journal of Management Information Systems, 29(3), 157–188.
Puhakainen, & Siponen. (2010). Improving Employees Compliance Through Information Systems Security Training: An Action Research Study. MIS Quarterly, 34(4), 757.
Iane, S. (2013). Towards an electronic monitoring, observation and compliance framework for corporate governance using business process management systems. South African Journal of Information and Communication, (13), 0.
References:
Elgammal, A., & Turetken, O. (2015). Lifecycle Business Process Compliance Management: A Semantically-Enabled Framework. 2015 International Conference on Cloud Computing (ICCC).
Seitz, M., Schönig, S., & Jablonski, S. (2014). A Framework for Reasonable Support of Process Compliance Management. Business Information Systems Workshops Lecture Notes in Business Information Processing, 131–144.
Thank You