Compliance is a very overworked term and in many cases synonymous with insurance. That is, yes we have it but only when needed do we truly understand whether or not we had the appropriate coverage. Compliance in the area of data integrity, reliability and availability is essential to the performance of companies even more emphasized when the company is under contractual covenants defined by its clients. Compliance goes beyond simply stating an understanding but extends into the best practices and daily operations followed by all employees and the company as a whole.
In evaluating your compliance level, the initial step is to assure that the appropriate policies have been documented and conveyed. In addition to the obvious physical securities surrounding data centers, both on premise or through your hosting provider, the following documents should be readily available for review:
- Overall Quality Assurance Policies
- Patch management Policy
- System Architecture Policy
- Disaster Recovery Plan, Policy and Checklist
- Data Security Compliance Policy
At Sand Solutions we work closely with our clients to assure that all elements of compliance have been addressed and for our hosted clients there is an assurance that compliance is not just an insurance policy to be tested but rather a way of daily business. For more information please contact Sand Solutions.