A link on the Inside Sarbanes Oxley feed just jumped out at me.
Evidently PeopleSoft’s CIO David Johnson’s thinking is very close to RedMonk’s. we recently put forward a model for Compliance Oriented Architecture.
Johnson argues: “It’s time to apply some new thinking to your IT strategy. Try running IT like a business with a renewed focus on customer service, operations, and financial control. Prioritize IT projects using a project portfolio management methodology to improve project focus, tracking, and business communication.
Then you can view compliance management as a new layer of architecture so you can deal with all your regulatory hurdles in a consistent manner. Compliance is not going away. It’s here to stay. You need to get control and automate for the long term. Properly applied technology reduces time, cost, and risk associated with an organization’s compliance activities.”
It seems the firm has also put forward the PeopleSoft Blueprint for Compliance Architecture which looks to
1. enforce internal controls using automation and
2. to replace written documentation with real-time metrics, diagnostics, and alerts
We have been pretty skeptical about the use of ERP backbones in ongoing, service oriented compliance efforts, but the approach Johnson lays out looks right. I will likely come back to this if we hear from PSFT, and more importantly reference customers.