CHAPTER 18: BUILDING MOMENTUM
Up, up and away
On a recent flight, I caught a snippet of the conversation behind me:
Of course, we are compliant.
Both my teams are compliant too.
Yes, yes, we are all compliant.
I could not help, but think that compliance for some has become a dance in, and of, itself. We gather evidence, identify control deficiencies and report to management. Performance is measured by the number of controls that have been successfully validated without exceptions, or conversely, a reduction in the number of deficiencies identified. This leaves us wondering what the forest truly looks like beyond the trees. To be sure, control deficiencies have real consequences – a persistent error in a system calculation can skew reported financials, ...
Get Compliance by Design: IT Controls that Work now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.