A good example of the value of a foundation that addresses the fundamentals of compliance can be seen in how the SEC measures regulatory compliance for their customers.
The Security and Exchange Commission (SEC) is a US agency that has put in place a regulation that controls the retention and management of records related to the sale of US securities and applies to any financial institution worldwide selling US stocks and bonds.
The regulation specifies the retention periods for the types of information that must be preserved for future reference and the SEC has the authority to audit companies for compliance.
The SEC does not attempt to certify specific technologies, but assesses the effectiveness of the total environment (process, procedure and technology).
Given the rapid evolution of technology, this is a very common sense approach to measuring compliance; one that supports the philosophy of establishing a compliance foundation that can be built upon to meet specific requirements.
This post is part of a series of articles addressing the issues of data regulations and compliance and written by Steve Tongish, Marketing Director EMEA at archiving solutions specialist, Plasmon for StorageProportal.com.
If you want to read other articles in the series, please click on the author's link above.