CA Clarity PPM Helps Conform to Multiple Mandates with One Solution. CA can help streamline your response to multiple mandates. Learn more about compliance strategies and solutions by requesting CA's Federal Compliance ROI The Six Steps to Compliance White Paper.
White Paper
Compliance = ROI
The Six Steps to Compliance. Gaining Control of Your Agency's Response to Regulations, Legislation and Mandates.

What is Compliance?

Compliance is the management function that makes sure your agency is adhering to all applicable rules and guidance that may apply as you conduct your mission and operations. In practice, this means navigating a complicated web of intersecting laws, regulations and procedures (see chart below).

As complex as they may be, all of your compliance challenges have one thing in common. They are intended to establish governance over the way your agency uses the resources entrusted to it.

Governance is the establishment of rigorous controls among people, processes and technology, so that all operations are guided by strict policies and standards for efficient practices.

OMB Circular A-123, for example, calls for implementing operational and internal financial controls, as well as for assessing and mitigating risks to those controls.

If good governance is the primary aim of the regulations your agency must address, then compliance consists of:

1. Defining and establishing governance in practice
2. Identifying and addressing threats to governance
3. Tracking and reporting your governance efforts

Governance is both a practical and required priority for your agency. But without careful planning and effective system support, compliance becomes an overwhelming burden that can compromise your agency's real mission.

CA can help you address the complex demands of compliance by:

- Optimizing operations
- Enhancing performance
- Reducing costs
- Automating tracking and reporting

This white paper outlines the key concepts of compliance and shows you how to maximize ROI from your IT investments and enable your agency's mission.
The Compliance Challenge: These are just some of the interlocking requirements federal agencies must meet.

OMB: Circular A-11
- Providing business cases/funding justification for capital and IT investments
- Filing Exhibits 300 and 53

OMB: Circular A-130
- Implementing capital planning processes and controls
- Providing information via dissemination systems
- Safeguarding information against risk

OMB: Circular A-123
- Implementing financial and internal operational controls
- Maintain rigorous financial reporting
- Assess and mitigate risks to controls

OMB: Appendix III to Circular No. A-130 (Primary FISMA implementation)
- Implementing agency-wide security programs
- Documenting security and certifying it is adequate to risks

NIST: FIPS Pub 201, PIV I and PIV II (Primary HSPD-12 implementation)
- Implementing personnel identification and verification programs
GPRA - Government Performance and Results Act of 1993: Requires agencies to develop strategic plans, set performance goals, and report annually on actual performance compared to goals.

FFMIA - Federal Financial Management Improvement Act of 1996: Requires agencies to have financial management systems that substantially comply with the federal financial management systems requirements, standards promulgated by the Federal Accounting Standards Board (FASAB), and the U.S. Standard General Ledger (USSGL) at the transaction level.

FMFIA - Federal Managers Financial Integrity Act of 1982: Requires agencies to establish and maintain internal control. The agency head must annually evaluate and report on the control and financial systems that protect the integrity of federal programs.

CFO Act - Chief Financial Officers Act: Requires agencies to both establish and assess internal controls related to financial reporting. Requires the preparation and audit of statements.

IG Act - Inspector General Act of 1978: Provides for independent reviews of agency programs and operations. IGs are required to submit semi-annual reports to Congress on significant abuses and deficiencies identified during reviews and recommended actions to correct those deficiencies.

PRA - Paperwork Reduction Act of 1995: Requires that agencies perform their information resource management activities in an efficient, effective, and economical manner.

Clinger-Cohen - The Clinger-Cohen Act of 1996 (also known as the Information Technology Reform Act of 1996): Requires agencies to use a disciplined capital planning and investment control (CPIC) process ...