As a group, provide a detailed plan of action based on life cycle concepts to develop and deploy an ongoing IT compliance process. Your plan should provide practical knowledge on what you should consider when developing and implementing an IT compliance program for key regulations such as Sarbanes-Oxley, HIPAA, GrammLeach-Bliley, PCI and others to achieve meaningful IT governance.
Your plan should include the following:
Discuss the challenges IT divisions face in achieving regulatory compliance
Assess how IT governance will improve the effectiveness of the IT Division to attain regulatory compliance Develop a broad vision, an architecture, and a detailed plan of action that follows a life cycle concept Assess all key business processes and IT compliance factors and link to all business processes (financial and non-IT) to develop an aggregate vision of IT compliance Your detailed plan should include the following phases: initiate, plan, develop and implement.