14 March 2005

Business Benefits of BS 7799 Compliance...

Here are several business benefits of implementing BS 7799 as a management system for achieving compliance in organizations that are highly regulated:

BS 7799 brings your organization to compliance with legal, regulatory, and statutory requirements including HIPAA, Gramm-Leach-Bliley (GLBA), Sarbanes-Oxley, California SB1386, CFR21:Part 11, EU-Directive, and many others...

Market differentiation due to positive influence on company prestige, image and external goodwill parameters, as well as a possible effect on the asset or share value of the company

Demonstrates credibility and trust – satisfaction and confidence of stakeholders, partners, and customers

Reduced liability risk; demonstrates due diligence; lower rates on insurance premiums

Increases vendor status of your organization

Increase in overall organizational efficiency

Minimizes internal and external risks to business continuity

Management sets the example for appropriate security/privacy practices


The many sources of significant loss events are changing as we speak. Here are a few that should not be overlooked:

· Public perception
· Unethical dealings
· Regulatory or civil action
· Failure to respond to market changes
· Failure to control industrial espionage
· Failure to take account of widespread disease or illness among the workforce
· Fraud
· Exploitation of the 3rd-party suppliers
· Failure to establish a positive culture
· Failure in the post-employment process to quarantine information assets upon termination of employees

Frankly, corporate directors have their hands full managing risk and continuity on behalf of the shareholders. The risk management process will someday have as big an impact on the enterprise as other key functions because shareholders will be asking more questions about the changing landscape of managing risk for corporate governance.

BS 7799, so what? So what? Boards of Directors have the responsibility to ensure the resiliency of the organization. The people, processes, systems and external events that are constantly changing the operational risk landscape become the greatest threat to an enterprise. It’s the shareholders’ duty to scrutinize which organizations are most adept at “Continuous Continuity” before they invest in their future.
