|
|
|
All-Dimensional
Compliance™
Your SOA must comply
with a diverse, dynamic, complex set of regulatory,
business, and technical requirements. All-Dimensional
Compliance™ is the ability to ensure that
your SOA meets the composite set of baseline requirements
specific to your organization. These baselines
often derive from many sources, including regulatory,
competitive, and operational requirements.
Within SOAComply™,
the first step to achieving All-Dimensional Compliance™
is to model your organization’s compliance
requirements as a set of "Operating States."
Operating States are the baselines with which
your SOA must comply. The objects in SOAComply™
are associated with Operating States.
An Operating State
refers to any:
- Mission-critical business requirement
- Set of resource conditions to which SOA, or
segments thereof, is expected to comply at some
point in time
- Compliance baselines defined in laws, regulations,
contracts, agreements, expectations, policies,
rules, and performance thresholds
|
|
|
Operating States
may include:
- Regulatory mandates, such as Sarbanes-Oxley,
HIPAA, and Gramm-Leach-Bliley
- Service-level agreement dimensions, such as
availability, reliability, performance, and
security
- Certification programs, such as ISO9000
- Deployment life-cycle phases, such as pre-installation,
installation, operations, and decommissioning
- Critical transient business conditions, such
as peak-period, high-volume, surge, disaster
recovery, and end-of-quarter demands on the
SOA
- Legal agreements, such as customer contracts,
trading partner agreements, and software licenses
An Operating State can be all
of these dimensions combined into a composite
baseline. SOAComply™ lets you model any
baseline set of conditions that suits your business.
Operating States are defined by the user, not
by legislators or regulators.
SOAComply™ checks to see whether observed
SOA conditions comply with Operating States.
SOAComply™ is designed
to be the central linking point for any third-party
network, service, system, or operations monitoring
product. A key capability in SOAComply™
is the ability to extract status information from
any agent, probe, sensor, telemetric device, monitoring
tool, or other resource that is capable of producing
structured status reports. If the SOA, as observed
through this network of agents and sensors, deviates
from Operating States, SOAComply™ flags
the discrepancies and notifies the impacted and/or
responsible parties so that they can seek remediation.
SOAComply™ can determine the compliance
of any segment of the SOA with the applicable
Operating States. Operating State rules can apply
to specific applications, resources, and/or networks—and
to various collections and configurations of those
entities. If it
wished, an organization might define Operating
State baselines to a very granular level—such
as each user’s laptop and to the various
corporate applications running on those devices.
It’s entirely up to SOAComply™
users to decide the scope, breadth, depth, structure,
and content of the Operating State rules against
which they measure All-Dimensional Compliance™.
|
|
|
|
