GET STARTED WITH JADEX's COMPLIANCE RESOURCES
If you’ve found yourself here, I’m sure you are wondering how these resources can help you on your compliance journey. JADEX prides ourselves in transparency and giving you as much information as possible. We want to arm you with the knowledge to understand what achieving compliance entails.
These resources are a culmination of experience, analyses, and research conducted by our team of technical experts. We do not claim to have all the answers, but we are happy to share what we’ve learned.
Objectives:
- Describe compliance as it relates to the corporate working environment
- Identify key aspects to achieving compliance standards
- Explain why compliance matters
Who ARE THESE RESOURCES FOR?
These resources are for anyone seeking to understand more about regulatory compliance. Specifically, we focus on educating our audience on the benefits of leveraging Microsoft cybersecurity products and services to meet security and compliance requirements for data and threat protection.
COMPLIANCE RESOURCES FOR THE WORKPLACE
First Steps
At this day and age, regardless of your organizations industry, you are most likely subject to regulations. The purpose of compliance isn’t to create hurdles or barriers, it’s to protect.
Identify compliance and regulatory standards that your organization must adhere to. We recommend researching the regulatory body that governs actions related to your industry.
JADEX believes compliance is not like a light switch that one flips “on,” rather, it’s an ongoing, sustained effort to keep those lights “ON.”
Identify a Compliance Champion
Identifying an individual or team within your organization to champion programs, policies, and procedures related to compliance is essential to beginning your compliance journey.
The goal of these champions should be to educate senior leadership on compliance related action items as well as relay pertinent information throughout the organization. Champions should work with all employees in understanding compliance standards.
The compliance champion(s) needs to be directly empowered by the executive team. Without executive support, compliance can be easily ignored and derailed.
Audit Existing Contracts for Potential Sensitive Content Markings
Conduct a thorough investigation of all existing contracts for sensitive markings. Often, the regulating bodies will provide detailed guidance dictating the requirements.
Scoping Identified Sensitive Content
Once your organization has identified sensitive content markings, you will need to determine what portions of the business or operations are subject to the associated regulations.
JADEX assists our clients in leveraging Microsoft 365 to meet compliance. If your organization uses Microsoft 365, arguments could be made that security and compliance improvements should be made within Microsoft, not supplemented by third-party tools.
Understanding Compliance Action Types
One of the common themes we find when working in this industry is a lack of knowledge related to the types of actions required to adhere to compliance. Currently, most regulatory bodies highlight four key action types: Documentation, Operational, Privacy, and Technical.
Documentation entails compiling evidence that support processes and policies related to compliance requirements.
Operational planning and preparation of actions required to ensure compliance objectives are being actively met.
Privacy addresses seclusion concerns associated with content.
Technical entails systems, applications, processes, and/or tools used in daily business operations that are subject to regulations.
Review Systems & Processes Affected By Compliance
JADEX recommends that you compile a list of all the organizational systems and processes that will be affected by compliance regulations. Next, you should determine if the existing tools or applications are capable of meeting the required regulatory controls internally or through third-party supplementation.
Standard Operating Procedures (SOP) and Policies
Document all SOPs and policies for your organization. Remember to leverage your tools, applications and people for recommended compliance and security improvement actions.
Company Details
- DUNS Number: 078570307
- CAGE Code: 6TX26
- NAICS Codes: 541690, 541990, 541611, 54618, 611420, 541370, 541519
Contact
- HQS - Spring Lake, MI
- Phone: 1 (833) 568-3925
- Email: info@jadexstrategic.com
Codes & Certs
- VOSB - self-certified
- SBA 8(a) - pending
Services
- Microsoft 365 Solutions
- Assessments
- Security
- Training