This whole concept of "compliance" is rather nebulous and fuzzy.  I see different vendors referencing it in different ways.  I hear different practitioners worrying about different things.  I wanted to speak with some IT compliance professionals with significant experience to see how they are handling this "compliance" responsibility.  I wanted to get the viewpoint of not only a practitioner responsible for an organization's compliance efforts, but also a consultant who has worked with a wide range of organizations to see where the compliance efforts, successes and challenges are greatest.  On April 17, I had the opportunity to speak with two such folks, Chris Pick, Vice President of Corporate Strategy at NetIQ, and Wayne Crane, CIO, also from NetIQ, about a wide range of compliance issues, and what—from their perspectives and based on their experiences—they believe businesses need to know about the whole concept of compliance.  As a publicly traded company, NetIQ must meet the same strict regulatory requirements, such as SOX, as many other organizations, so it was interesting to hear their thoughts. 

I posted my interview with Chris and Wayne in the Realtime IT Compliance reading room, "What Businesses Need to Know About Compliance." See their thoughts on:

• What "compliance" means to businesses
• International compliance approaches
• Industry-specific compliance challenges
• The most challenging compliance areas
• The use of frameworks, such as ITIL, for compliance
• The most challenging regulation for compliance
• What executives need to know about compliance
• Budgeting for compliance
• Using automation for compliance
• The single most important compliance activity
• The importance of executive support for compliance activities