8CIOReview | | MAY 2023IN MY OPINIONThe Compliance and Information Technology functions in an organization have more in common than one may think. Both are often misunderstood and under-appreciated. Far from simply setting up printers and resetting passwords, IT serves a vital role in protecting the organization from threats, both internal and external. Cybersecurity has become an executive-level priority as cyber-attacks spread to all sectors. Compliance is often viewed as an automatic "no" - strict rules that hinder business; but a good Compliance department actually facilitates business by protecting the organization and its reputation. Compliance and IT are uniquely suited to supporting each other and collaborating to better protect the organization from the myriad threats that multinational companies face today.Like any relationship, a great relationship between these two functions starts with respect. Both departments are staffed with technical experts who have degrees, certifications, and experience in their respective fields, and each function should recognize and respect the other's knowledge. While IT may want to re-examine a proposed technology solution to a compliance issue, it should refrain from challenging the regulatory basis for the issue itself. Don't Google "OFAC" to argue about denied party screening - just as compliance shouldn't search for "ERP system" to tell IT what theirs can or can't do.In some organizations, IT will designate business liaisons that work closely with specific functions or lines of business. Having an IT liaison for compliance is a best practice that enhances collaboration through the opportunity for one-on-one communication and cross-training. The IT liaison can learn more about compliance and its business requirements, helping to better translate those into technical specifications, while educating the compliance team about IT systems and processes.Whether or not an IT liaison is available, compliance should make an effort to understand how IT manages work and projects. If the organization uses an agile method, it is important for compliance to review its project requests with an eye toward sprints. If IT is using a scoring method to prioritize, it can be difficult for compliance to put a business value on its projects; in By Lila Landis, Director, Global Compliance and Import Services, SEKO LogisticsCOMPLIANCE AND IT: COLLABORATING FOR MUTUAL SUCCESSLila Landis
< Page 7 | Page 9 >