ASG Perspectives

Blog > February 2019 > ASG Innovations Support Compliance Program

ASG Innovations Support Compliance Program

Organizations of all types and sizes continue to focus on complying with the expanding set of data-related regulations. In fact, in a recent survey of CIOs, 49 percent told ASG that all or mostly all their data management focus was on regulatory compliance. As a leader in providing technology to automate compliance programs, we are continually innovating to deliver the capabilities customers need to make compliance simple and efficient.
 
Let’s start this discussion with some background on data regulations. Regulations generally fit into two areas: attestation to the accuracy or completeness of data, and the maintenance and privacy of personal data. Well-known attestation-related regulations include Sarbanes Oxley and BCBS (which is also a standard defining the regulatory framework, so compliance requires similar actions). The GDPR and California’s recently passed CCPA are the best-known data privacy regulations. ASG Data Intelligence (ASG DI) provides capabilities that aid organizations in complying with both types of regulations.
 
Becoming and staying compliant is not an easy task. It requires four major processes: 
  • Modelling the compliance environment
  • Capturing the metadata or data from the environment
  • Establishing trust in the data; making the metadata and data searchable, understood and accessible
  • Identifying changes that affect the compliance baseline, considering the impact of future change and notifying data managers of the change
 
At its core, ASG DI is an adaptable platform for data-related compliance and business agility that provides a foundation for organizations to manage their data resources for business value, while remaining compliant with regulations. 
 
How to Drive Compliance with ASG Data Intelligence

ASG DI supports organizations’ core processes, adding metadata management and automation to compliance programs. The first step involves establishing a business model that defines business terms (connected to data items), policies, standards, processes, Critical Data Elements (CDEs) and business rules. ASG DI records those items and their connections to data elements, enabling organizations to develop a model of the compliance environment.

Next, ASG DI captures metadata and builds an understanding and trust in the data. ASG provides the broadest range of connections (more than 230 from distributed to mainframe environments) to data and applications collecting metadata from legacy systems to modern data platforms. With the ability to rapidly identify and inventory their CDEs, organizations will be more equipped to understand where information comes from, how systems process it and how it’s used.

pexels-photo-1011329.jpegTracing and Trusting the Data
 
Today’s organizations are seeking to reduce the risk of non-compliance in today’s tightening regulatory climate, which requires that their data can be trusted and stated as true – a requirement for attestation regulations. ASG DI establishes the lineage of data elements and automates the tracing of data from origin to end use, providing a visual mapping of its movements and changes. Automation also keeps this lineage current so that an accurate view is available at all times. Manual and less sophisticated methods are unreliable, costly, unsustainable and fail to provide the trust created by ASG’s approach. 
 
ASG DI also creates a searchable business glossary and data catalog that allow organizations to locate and understand their data. Through an innovative capability called “snapshots,” ASG DI can identify changes to the data environment and lineage, establishing a means to understand the impact of future changes. Finally, when a change is identified, ASG DI can alert data managers who can address changes that might affect data trust or compliance. For attestation regulations, this process creates the understanding and trust needed to declare data accurate and demonstrate how it has been transformed and aggregated. 
 
For organizations to comply with privacy regulations, they must be able to identify all the personal data being used. ASG DI makes this process simple for organizations by first cascading data identified as personal through the data estate and flagging similar data elements across the data and applications. It searches structured and unstructured content – a newly-introduced, innovative capability. And, ASG DI uses machine learning techniques to suggest what might be personal data by matching data to patterns (e.g., phone numbers), which helps to identify elements that might not otherwise stand out as personal and protected data. With this thorough and complete approach, organizations can know the ins and outs of their business to ensure compliance.
 
Compliance is hard work that consumes a substantial portion of an organization’s data management resources. ASG DI provides powerful capabilities – including automation of metadata management, lineage and identification of personal data – that increase the reliability of compliance programs, reduce the risk of non-compliance and add efficiencies which reduce the costs. Our goal at ASG is to help our customers free up resources for data management tasks that drive the business, while making them “audit ready” and able to demonstrate their processes and compliance to regulators.
 
To learn how ASG Data Intelligence supports compliance programs and business agility with automation, read this blog post or visit this solutions page.
 


Comments
Blog post currently doesn't have any comments.
Subscribe