The act of complying with Regulations, Standards and Frameworks is becoming essential business practice. The IDL Compliance Program identifies the compliance issues that are generating compulsory and compelling IT investment across a variety of industry sectors. The menu below indicates the current location and industry sector issues. Use this menu to select a different location or industry sector.
|Issue Brief||New Policy Driver||IT Investment Implications||Compliance Timetable|
|European Solvency II Directive||Requires insurance companies to: “…have in place internal controls that are adequate for the nature and scale of the business.” and: “…identify and assess the nature and the significance of the risks they face… manage these risks to provide reasonable assurance of maintaining the undertaking’s overall financial soundness”.||Data collection
Monitoring or tracking solutions
Risk identification applications Storage
Moving into implementation and IT solutions demand.
|EU Data Protection Directive – 95/46/EC||This directive covers the use of data held on private individuals within the EU. It mandates that data must be handled fairly and openly, limited to the purpose for which it was gathered, stored securely and limited in its distribution. Individuals have rights to access and redress for any inaccuracies.
This act is augmented by two other acts specific to the telecommunications and electronic communications sectors which look at the automatic gathering of data and its uses.
US companies can comply through the US “Safe Harbor” scheme.
Operating and IT solutions emerging.