Compliance can be defined as the rules or policies that regulate services and processes. These are often legally or contractually binding, and come from areas such as Government and governing bodies.
Compliance standards such as the relatively new GDPR (General Data Protection Regulation), or industry-specific ones such as HIPAA (Health Insurance Portability and Accountability Act) and Sarbanes-Oxley, contain mandates that directly affect what is required of the IT systems with regard to privacy, data protection, data retention, and cyber security.
As DSC has clients across many sectors that need to adhere to these regulations, we have developed experience in tailoring or structuring the IT systems to ensure they are compliant, and align to the business policies pertaining to the compliance mandates.
As Governance can cover the rules, structure and framework for how a business is run, and can encompass compliance as well as risk management, it often both feeds the requirements of the IT systems, and places demands upon them.
For example, the business's appetite for risk can affect the level of availability or recoverability chosen for the IT systems, and this can further drive requirements for Disaster Recovery and Business Continuity, which are also services DSC can offer.
Here at DSC, we are well versed in helping to map these types of requirements to a suitable IT system, incorporating all of the above. This is usually done through our advisory-type engagements, but can equally be part of the usual requirements-gathering component of any IT project.