TIBCO Software Inc., a global leader in enterprise data, empowers its customers to connect, unify and confidently predict business outcomes, solving the world’s most complex data-driven challenges. TIBCO understands the power of digital transformation, and how strategic compliance can help achieve it.
When Nora Pan, Vice President of Products & Technology Standards and Compliance, Program Management Office and Operations at TIBCO set forth her strategic compliance initiative for TIBCO, her goal was to create a “Center of Excellence” that could centralize documents, policies and procedures to streamline the audit process.
The Value of Compliance
Even before Pan started this transformation, TIBCO recognized the important role compliance plays in adjudicating cybersecurity risk and demonstrating trust to its customers. This trust is the external value of compliance; Pan wanted to help it realize the internal value: lower costs, greater efficiency, and less friction between teams. The goal was to make it easy for inter-departmental functions to achieve compliance, “just by doing their day-to-day job.”
Pan decided to eliminate most of her assessment service providers, except for A-LIGN, so that TIBCO could consolidate most audits with a single vendor. A-LIGN reinforces this efficiency with its technology-enhanced service and compliance management platform, A-SCEND, which delivers the capability to unify evidence collection and to conduct simultaneous audits.
“I have one group that needs to comply with four different frameworks…think about how much work that is for them. I respect their time. I want them to be able to review one list to achieve compliance. A-LIGN makes it possible for TIBCO to fulfill all our needs with one deed,” shared Pan.
In establishing a Center of Excellence for TIBCO, Pan prioritized three concentrations:
- Centralization: Pan leveraged an internal portal for TIBCO and an external portal from A-LIGN to streamline evidence collection efforts with clearly identified milestones.
- Standardization: Pan collaborated with her CIO, CISO, human resources and legal teams to create an Information Security Management System (ISMS) which set forth more than 25 policies to standardize its strategic compliance requirements.
- Education: Lastly, Pan translated the requirements developed in collaboration with her team into an easily understandable language for the rest of TIBCO.
With her new approach to strategic compliance, Pan is delivering new efficiencies for TIBCO. By streamlining the audit process and consolidating service providers with A-LIGN, Pan knows she is saving her company time and money. She is spending less on the cost of compliance than in previous years, and her colleagues are spending less time preparing for audits.
Aspire to Excellence
By minimizing the impact of an audit, Pan’s colleagues can focus on more dynamic digital transformation and cloud migration initiatives. Her Center of Excellence has delivered new standards, which have improved interoperability and integration for all of TIBCO’s products and services. Pan understands that strategic compliance is continuous and connected. She is now looking toward the future for the potential impacts and improvements that may come from automation and AI during the next wave of digital transformation. This is the benefit of strategic compliance: business transformation.