Toronto, Canada (PressExposure) January 09, 2010 -- Compliance is a business term that implies expensive operational impact, productivity losses and no calculable ROI. It just needs to be done. Security standards and IT governance are the two most complex and expensive types of compliance facing today's national and global enterprises. They take money, expertise and in many cases, strong relationships with the large auditing firms to pull off, year after year.
In addition to the world-wide shift towards privacy breach notification, businesses are required to be compliant with an ever-growing number of diverse industry standards and legislation. Intended to protect intangible assets, these place enormous pressure on budgets and resources while often appearing to negatively impact business objectives.
Enter Informatica Security's Harmonized Control Assessment Framework (HCAF™ or "HarCon"). Based on proven risk assessment (FlexSecure Verify™) and risk management frameworks (STORM™), it is a tool designed to vastly reduce the costs and efforts of organizations to keep up and maintain security controls across the enterprise by:
1. Aggregating the IT controls required for all applicable standards and legislation
2. Implementing an efficient audit framework and real-time process visibility
3. Consolidating remediation and control management processes
According to security and privacy consultant Claudiu Popa: "our clients annually report compliance costs easily in the millions of dollars and we've been chipping away at those costs due primarily to the unparalleled expertise of our certified experts. Today, we are able to literally deliver quantifiable cost savings in the millions primarily due to the innovative effectiveness of the HarCon Framework". Claudiu Popa is president of Toronto-based Informatica Security Corporation and author of the Canadian Privacy and Security Toolkit, published by the Canadian Institute of Chartered Accountants:
With compliance costs for PCI DSS alone estimated in the $2.7M range for large merchants, the aggregate costs for SOX, IFRS, Bill 198, Directive 2002/58/EC, PIPEDA and a multitude of reporting bills and laws currently in the works are not only prohibitive, but their logistical management would continue to be an impossible task. Informatica's pre-audit, assessment and remediation solutions are delivered by respected, certified security industry veterans with extensive field expertise and a focus on management consulting. Enterprise class organizations interested in signing up for an HCAF™ pilot are invited to contact Enterprise@SecurityCompliance.CA