Friday, 15 March 2019

Continuous Compliance on AWS Using AWS Config Rules

How does compliance work in many organizations? From what I've seen, it might look something like this:

Internal compliance is conducting an audit in three weeks, and we need to make sure we're compliant with all of our internal policies. What ensues is a heroic effort: people discover or create documents and other artifacts indicating what their policies are, along with checklists stipulating that those policies have indeed been executed against "the software system." This often includes signed approvals from bodies such as Change Advisory Boards. If the scope is at the enterprise level, people might spend late nights and weekends just to prepare for the audit, or they might run through mock Q&As. After the audit, the team receives a report based on a snapshot in time and, viewed through a cynical lens, people try to determine who was most at fault for any issues that arose.



from DZone.com Feed https://ift.tt/2JfjoZJ
