By Minda Zetlin
Does your organization need to demonstrate compliance with new—or newly rewritten—regulations or contractual obligations? Have you been asked to submit to a risk assessment or security audit by a business partner or potential investor? If so, a cloud-based ERP deployment can vastly reduce your workload.
“A lot of organizations, whether small or large, are being asked to demonstrate compliance,” says Guy Baroan, president of Baroan Technologies. Many companies engage his firm because they don’t have the technology to meet these compliance requirements, he says. “Someone gets a letter that says, ‘We’re starting our annual vendor review. We want you to answer these questions about the security you have in place, and if you cannot answer satisfactorily, we need you to resolve critical issues within 30 days, medium-risk issues within 90 days, and low-risk issues within 12 months.’”
Providing proof of compliance in an on-premises system can mean deploying multiple monitoring and security tools, Baroan says. An upgrade to a cloud-based ERP system will provide that proof of compliance without these additional tools.
Terrance Wampler, vice president of financial applications strategy at Oracle, recalls a recent case when a European government agency asked its vendors to report on whether they had any hardware or firmware components made by a specific Chinese firm and, if so, what they would do to remove them. Unexpected requests such as these can make compliance a moving target for companies with an on-premises ERP deployment. Oracle ERP Cloud is constantly updated to satisfy requests such as this.
Both governments and business partners such as financial institutions change their requirements all the time, he says. Without a cloud-based ERP system, “there’s an ongoing cost around security policy changes.”
Photography by Shutterstock
Minda Zetlin is coauthor, with Bill Pfleging, of The Geek Gap: Why Business and Technology Professionals Don’t Understand Each Other and Why They Need Each Other to Survive (Prometheus Books, 2006).