Solution monitors IT systems for strict regulatory compliance
Regulations are there for a purpose, but that doesn’t change the fact that complying with them can be a real pain.
Compliance management capabilities help companies execute a regulatory process by ensuring that IT applications, systems, and security measures meet specifications. By integrating compliance management with the overall enterprise architecture, companies can determine how IT changes affect compliance on a current and future basis.
“Following regulations requires access to a great deal of data,” says Erik Masing, CEO of alfabet , an IT enterprise architecture supplier. “Most of this data is gathered once a year and requires an entire staff to collect it. The process is costly and time-consuming. alfabet’s planningIT system provides this information automatically.”
Since government regulations change frequently, compliance is a very dynamic process, adds Masing. “Any change in IT can have far-reaching effects, particularly in sensitive areas such as financial systems. It is common for a large organization to have as many as 800 applications throughout the enterprise, and nearly two-thirds may be changed every year.”
planningIT’s modeling and analysis features and “what-if?” scenarios allow companies to determine what changes must be made to be in compliance.
“The system maps out which interfaces or applications need to be addressed, or what security measures must be included,” says Masing. “The difference is all these things are determined before solutions are implemented.”
|alfabet’s planningIT enterprise architecture solution enables effective management of business and technology volatility in stage gates that pave the way to IT governance.|
Typically, companies are trying to comply with a legislative policy, which demands doing something a certain way or following a specific procedure, says Robert Handler, a VP with Stamford, Conn.-based Gartner Research . For example, a hazardous electronics regulation requires companies to track items for the duration of their life cycles and dispose of them in an eco-friendly manner. “Compliance systems should provide an audit trail, and also detect conflicts between projects,” says Handler.
Enterprise architecture systems such as alfabet’s planningIT use workflow and simulation techniques to map scenarios against current and future plans.
“The system uses metadata to perform “what-ifs?” and visualize outcomes,” says Handler. “Users can see if results will be better or worse than the current environment. They may try lean techniques or Six Sigma to see how they will affect the long-term vision.”
Originating in Germany, alfabet opened U.S. headquarters in Cambridge, Mass., in May 2007. Users are large organizations in insurance, banking, manufacturing, telecommunications, and automotive.
The German railway, Deutsche Bahn , is one alfabet client that used planningIT for portfolio management and managing strict controls from regulatory authorities. The IT landscape of such a complex organization as Deutsche Bahn means when a component needs to be changed, it’s necessary to consider all of the standards and interfaces it touches. The passenger transport division uses about 400 applications in total.
Deutsche Bahn had a low level of standardization since many of its core processes were developed in-house, and there was no overview of existing IT. Instead, there were numerous decentralized documents bearing on regulatory compliance, and steps taken included the consolidation of more than 650 Powerpoint slides, all of which had to be updated.
Because the division’s applications weren’t standardized, the flexibility and adaptability of alfabet’s planning software was a big advantage during the structured inventory process. Close alignment of IT with business goals was the result.