The passage of information security and technology laws and rules over the past 10 years has affected most industries and companies. In response to these laws, management must be more accountable and aware of the need for a continuous and proactive operational risk management environment that recognizes the links between its technology infrastructure, business processes, reputation, compliance, and internal controls. This decade of heightened compliance is driving major corporate initiatives for greater transparency, governance, accuracy and accountability throughout the enterprise. Each company must identify, track and validate all business processes to ensure that its operations are compliant. In many cases the controls required by many
of these regulations and standards such as Sarbanes-Oxley must be implemented worldwide for affected companies, which may prove challenging for some organizations given cultural and legal differences overseas.