Compliance can be a money pit. While it does make brands better, reputations rugged, and markets moored, it can take any company into a deep dark well. Its objective to reduce risk and increase stability can be misdirected into creating and maintaining documentation for storage in a “I’m not going there today” room, electronic or otherwise. While that can be a consultant’s wet dream, it is not ours, nor is it agile.
So we start with a simple premise. We build to be hit by a bus. We don’t go back for clean up, because we know what is needed to keep the auditors happy and we do it as we go. Our focus is on transparency. We see compliance as the union of management goals and execution. When we set one, we can measure the other. Together they align with governance objectives, whether they be governmental or internal.
Governance objectives turn into management goals. Agile execution delivers the goods quickly. Good metrics communicate that work to all levels. We tag metrics so that audits can ensure compliance. To get an audit done without draining resources we tag to the Dublin Core standard. If your metadata is strong, you can find what you need to satisfy requests easily and that is the savings we pass on to you long after we leave your project. We think of our metadata as a money mountain to fill the money pit when the suits start digging.
We are members of ISACA and actively interpret COBIT, SOX and ISO for customers, but we always start each new client relationship learning about their specific governance behavior so that we execute within it. If your problem exists because you don’t have the metrics to make that happen we will help you build them. We don’t keep our team idling at the starting gate.