Regulatory Compliance – some see it as a necessary evil; a periodic checklist to be completed so business can continue. Others embrace it as a security panacea that mitigates risks with minimal impact on business processes and priorities.The truth – compliance only indicates the presence of a control baseline which may not address all risks. While periodic audits serve to validate the presence of these controls, they tend to stimulate periodic compliance. This series explores continuous compliance as a means to generate business value.According to a white paper by CA Inc., continuous compliance efforts have the following characteristics: Automated Automated compliance reduces the resource cost associated with manual compliance. It also reduces the errors inherent a manual approach. Ongoing Ongoing compliance encourages a collaborative approach which discourages the emergence of “control silos”. Sustainable Centralized management of controls and data flows reduces the risk associated with inconsistent access policies found in some decentralized management scenarios. Targeting the touch-points between compliance mandates and core business processes allows for a sustainable compliance strategy.According to Brad Garland, CEO of The Garland Group, continuous compliance relies on collaboration and coordination between business units. “Understanding the interdepartmental relationships is critical to continuous compliance,” said Garland. His firm focuses on discerning how a client’s core competencies are connected to compliance activities. This approach allows “compliance to become a business driver for management, reducing the busy work for the auditors.”The next article in this series will explore the concerns around information sharing in a collaborative environment. A case study of a successful implementation will also be featured. Related content opinion Positioning the Security Team Through Influence Part 1 Influence styles are a reflection of the influencers and, by extension, their team. Thus, they must understand the situations to which different styles are applicable. This series explores the common influence styles and their application. By Steven Fox Apr 21, 2012 3 mins Technology Industry IT Jobs opinion From Obstacle to Ally - Repositioning the Security Team Pt 1 By Steven Fox Apr 08, 2012 3 mins Technology Industry IT Strategy opinion Key Sessions at CISO Executive Summit 2011 By Steven Fox Dec 03, 2011 3 mins Business Continuity Data and Information Security Careers opinion Securing User Credentials On Mobile Devices By Steven Fox Nov 15, 2011 4 mins Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe