The current business environment is replete with governmental regulations and standards for best practices. In the United States, for example, the Sarbanes-Oxley Act of 2002 (SOX) contains new regulations for accounting practices of public companies, whereas the Health Insurance Portability and Accountability Act of 1996 (HIPAA) contains regulations concerning access to health care as well as the use and dissemination of health-care information. There are also a number of voluntary standards, such as ISO 17799 from the International Organization for Standardization, which contains a code of practice for information security management. Because the costs associated with noncompliance can be significant, businesses are looking for ways to effectively manage their compliance requirements.
Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.