
My blog posts and tweets are my own, and do not necessarily represent the views of my current employer, my previous employers or any other party.

Many of these blogs were originally posted elsewhere on public sites, but have been re-posted here with attributions to the original location -- strictly as a means of a centralized archive of my perspectives.

I do not do paid endorsements, so if I appear to be a fan of something, it is based on my personal experience with it. If I am not talking about your stuff, it is either because I haven't worked with it enough or because my mom taught me "if you can't say something nice ... "

vBlog: Regulatory Compliance vs Operational Readiness (2 of 4): SEC and SOX

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ through a series of videos.

Regulatory Compliance

The efforts to check the boxes before audits – often mandated by an industry (e.g. HIPAA), corporate (SOX) or legal (DOD 5.015.2-STD).

Operational Readiness

The IT efforts to ensure that key IT systems and data are resilient through high availability (HA), disaster recovery (DR) or business continuity (BC) technologies and services.



Last week, I did an overview of the dichotomy between regulatory compliance and operational readiness (BC/DR/HA).  For the next few weeks, I will take closer looks at specific segments of companies and their respective regulations.

This week, let’s take a look at the regulations that affect US financial institutions (SEC) and publicly-held companies (SOX).

Week 2: Publicly-held Companies and Financial Institutions

Next week, we’ll look closer at what IT professionals delivering data protection in healthcare organizations should know about HIPAA.

Thanks for watching.
