ISBN 9788183334891,Compliance by Design

Compliance by Design


EE Chong


BPB Publications



BPB Publications

Publication Year 2012

ISBN 9788183334891

ISBN-10 818333489X


Number of Pages 230 Pages
Language (English)


Reconsider how you view compliance and your business will reapthe rewards! A must have book for an yone who is looking to develop awarenessand deeper insight into IT controls, strategies and techniques tosolve compliance challenges! What does compliance mean to you? Is it a burden, abox-ticking exercise, or a way to avoid the penalties ofnon-compliance? Or do you see the opportunities it presents foryour business? In Compliance by Design, Chong Ee will show you how yourorganization can benefit from becoming compliant with the relevantnational and international standards. You will discover howintegrating controls into your processes will improve yoursecurity, increase your productivity, save you time and money, andincrease your profits. Drawing on personal experience and using up-to-date,practical examples, the book considers the elements and principlesof controls, and offers strategies to put them in place. It willshow you how to: Implement changes that will improve your processes Allay fears and overcome resistance from your stakeholders Integrate controls into your everyday processes Achieve synergy from interconnected processes Assess your priorities and handle conflicting objectives Analyse and manage risks Establish a system of controls that is right for your business Manage your technology to make it work for you. Moving away from traditional efforts Traditional efforts in attaining or sustaining IT complianceemploy an outside-looking-in approach, characterized by capturingvaried compliance requirements and/or frameworks and applying thesewithin the organisation. This book advocates an inside-looking-outapproach, emphasizing fundamental ideas of good control design asthe basis for developing effective and sustainable IT compliancestrategies. Tools and techniques Intended to arm you with the tools and techniques to put inplace the right system of internal controls, the focus is on ITcontrols, but with plenty of references to business and entitycontrol