GET STARTED WITH JADEX's COMPLIANCE RESOURCES

At this day and age, regardless of your organizations industry, you are most likely subject to regulations.  The purpose of compliance isn’t to create hurdles or barriers, it’s to protect.

Identify compliance and regulatory standards that your organization must adhere to.  We recommend researching the regulatory body that governs actions related to your industry.

JADEX believes compliance is not like a light switch that one flips “on,” rather, it’s an ongoing, sustained effort to keep those lights “ON.”  

Identifying an individual or team within your organization to champion programs, policies, and procedures related to compliance is essential to beginning your compliance journey.

The goal of these champions should be to educate senior leadership on compliance related action items as well as relay pertinent information throughout the organization.  Champions should work with all employees in understanding compliance standards.

The compliance champion(s) needs to be directly empowered by the executive team.  Without executive support, compliance can be easily ignored and derailed.

Conduct a thorough investigation of all existing contracts for sensitive markings. Often, the regulating bodies will provide detailed guidance dictating the requirements.   

Once your organization has identified sensitive content markings, you will need to determine what portions of the business or operations are subject to the associated regulations.

JADEX assists our clients in leveraging Microsoft 365 to meet compliance.  If your organization uses Microsoft 365, arguments could be made that security and compliance improvements should be made within Microsoft, not supplemented by third-party tools.

One of the common themes we find when working in this industry is a lack of knowledge related to the types of actions required to adhere to compliance.  Currently, most regulatory bodies highlight four key action types: Documentation, Operational, Privacy, and Technical.

Documentation entails compiling evidence that support processes and policies related to compliance requirements.

Operational planning and preparation of actions required to ensure compliance objectives are being actively met.

Privacy addresses seclusion concerns associated with content.

Technical entails systems, applications, processes, and/or tools used in daily business operations that are subject to regulations.

JADEX recommends that you compile a list of all the organizational systems and processes that will be affected by compliance regulations.  Next, you should determine if the existing tools or applications are capable of meeting the required regulatory controls internally or through third-party supplementation.

Document all SOPs and policies for your organization.  Remember to leverage your tools, applications and people for recommended compliance and security improvement actions.