Skip to Main Content
Laws and regulations increasingly impose requirements on IT business practices and products to achieve societal goals such as privacy, safety and accessibility. To meet these requirements, companies integrate their product development with an organizational infrastructure for managing compliance risks. The emphasis has often been on compliance with specific regulations, such as the 1996 Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act of 2002. However, as the regulatory landscape for information becomes more complex, companies are adopting more programmatic ways to understand and integrate these requirements.