Introduction

All companies must adhere to regulatory requirements and as such, require a compliance program. For example, when a company trades, it must adhere to its local tax requirements; even a small company must have certain controls in place to ensure it remains compliant. Also, if a company accepts credit card payments, it must have controls in place to ensure it is compliant with the Payment Card Industry Data Security Standard (PCI DSS).

When creating a compliance program, it makes sense to develop processes that will benefit the business. For example, having good controls in place will simplify the audit process, lower insurance premiums, or simply protect against fines.

The purpose of the following recipes is to help you identify and plan a compliance program using System Center in conjunction with other Microsoft technologies. The examples are provided throughout the book, demonstrating how they will benefit your company.

This chapter identifies and defines the first steps in your compliance process based on regulatory standards or similar requirements and how they relate to business objectives. It provides information on how to address compliance requirements with the help of controls. It offers advice on how to interpret authority documents to extract those controls. The book specifically focuses on technical controls.