Wow. Stephen O’Grady, from the analyst firm RedMonk is on the Board of Advisors for The Privacy Place and yet is humble enough not to have mentioned his recent paper “SOA Meets Compliance: Compliance Oriented Architecture.” But I happened to stumble across it as I was doing google searches on compliance technology.
The opening teaser in O’Grady’s Paper states is:
Leveraging IT to enhance business processes with transactional transparency is a necessary response to corporate governance scandals. Building the “real time enterprise” is fast becoming the preferred method for reducing fraud, and, in more and more cases, it is a mandated one.
I believe the key phrase here is “transactional transparency” in one deft phrase O’Grady has captured to industry’s trend of melding together IT (“transactional”) and business requirements (“transparency”, as in auditable acxtivity). He goes on to build a case for building transactional transparency into an IT environment using services oriented architecture, yielding what he calls, “Compliance Oriented Architecture.”
While O’Grady focuses on legal compliance issues such as Sarbanes-Oxley, it’s clear to see that a compliance oriented architecture is also key to privacy management issues. This paper is a must read for anyone who cares about Privacy Enhancing Technologies for the enterprise.