| A Corporate Law Economic Reform Program (CLERP 9) |
CLERP 9 works in conjunction with ASX-CGC Corporate Governance Rules covering financial reporting in Australia. Requires CEO sign-off of the veracity of accounts, including the underlying systems and, through principle 7 of the principles of good corporate governance, risk management. Also requires timely and balanced disclosure. |
Risk Assessment Systems
Storage
Email Retention
Disaster Recovery Financial Systems |
Operational |
| Personal Data Protection Bill |
All businesses and organizations that deal with personal information must not use data other than for clear, specified purposes; information must be collected properly, be current, be kept secure and be handled in a transparent manner that properly involves individuals. |
Security
Data Management
CRM
Workflow
Document Management Systems |
Operational
Operating, and a basis for adopting the ISO 27001 information security standard with related IT security solutions for an integrated Information Security Management System [ISMS]. |
| Spam Act |
Mandates that businesses should only send commercial messages with the recipient's consent, identify the sending party, and allow the recipient to unsubscribe. |
Database
Storage
Backup
Disaster Recovery |
Operational
Fully operational; demand still expected for IT solutions to reduce cost and risk. |
| Privacy Act |
A wide-ranging Act that covers the principles of data protection across all sectors, including Medicare, government, financial and other private sector bodies. Requires the dual aspect of protecting against inadvertent disclosure of private information together with the need to disclose relevant information to appropriate bodies. |
Security
Data Management
CRM
Workflow and Document Management Systems |
Operational
The ISO 27001 information security standard will probably be adopted as the foundation, along with the associated IT security infrastructure. |
ISO 20000
IT Service Management Standard |
ISO 20000 comprises two parts: ISO 20000-1 is the 'Specification for Service Management', and ISO 20000-2 is the 'Code of practice for Service Management'.
Together, these form a top-down framework to define the features of service management processes that are essential for the delivery of high-quality services.
ISO 20000 allows IT organizations to formally certify their IT services, using ITIL [Information Technology Infrastructure Library] global best practice for IT service delivery. |
Security Management
Storage Management
Business Application Management
Server, Network & Device Management |
Operational
Rapidly adopted as the international standard for IT Service Management based upon ITIL, with substantial TCO reduction as the business case. |
|
ISO 27001
Information Security Standard |
ISO 27001 is the formal standard against which organizations may seek independent certification of their Information Security Management Systems to reduce businesses’ information security vulnerability. |
ERP solutions
IT Security Applications and services |
Operational
Rapidly being adopted worldwide as the standard for businesses’ information security. |
|
IAS (International Accounting Standards) |
International standards on accounting and the regulation of financial result calculation. Designed to improve transparency and represent a step towards a common global accounting standard. |
Enterprise integration systems
Data gathering systems |
Operational
The legislation will require significant investment in appropriate systems to facilitate internal reporting and data gathering. |
|
Sarbanes-Oxley Act (SOX) |
Act (part of the 2002 Sarbanes-Oxley Act) which mandates that all auditing firms retain records relevant to audits and reviews; it also has significant implications for companies’ IT resources. |
Document Retention Systems
Email Management Systems
Content Management Storage Solutions |
Operational
SOX 404 deadline for non-accelerated filers and foreign private issuers is in 2007, opening the way for IT solutions for automated reporting, including for US-owned offshore corporations. |
|
APRA Draft Standard on Business Continuity Management |
Applies to all deposit taking institutions, general insurers and life insurance companies and lays out the requirements for an auditable business continuity plan to account for a range of threats, from utility failure to bomb threat or damage. |
Covers all areas of business continuity management from secondary facility to backup, parallel systems, tape and operational management. |
Potential
Reviewing implementation deadlines. |
|
International Association of Insurance Supervisors (IAIS) – Draft Standard on disclosures concerning investment performance and risks |
Covers the scope of disclosures on financial performance and risk that insurers need to make on a timely basis. Works in concert with IASB rules where these are implemented in-country. |
Risk analysis and monitoring
Database
Data monitoring
Communications
Specialist applications |
Potential
Reviewing implementation deadlines. |