Regulatory Articles - Perficient Blogs
Blog

Posts Tagged ‘Regulatory’

  • Topics
  • Industries
  • Partners

Explore

Topics

Industries

Partners

Key Takeaways About Compliant IT Systems In The Cloud

This is the final post in our series on maintaining regulatory-compliant IT systems in the cloud. In this post, we’ll go over the key takeaways from the series and then we’ll send you on your way! Regardless of how much control you have over your IT systems, if you are using them for regulatory purposes, […]

Read more

Tips And Best Practices For Compliance In The Cloud

As we’ve learned in the previous posts in this series, having a thoughtful, thorough cloud vendor qualification process and intelligent SLAs in your cloud vendor contracts will help you maximize the value of the cloud while maintaining regulatory compliance. In addition, here are some tips and best practices to help you knock it out of […]

Read more

How To Use Contracts For Regulatory Compliance Of Cloud Systems

In my previous post in this series, we discussed how to qualify cloud vendors. Once that process is complete, the second step to maintaining compliance is to document your specific regulatory requirements in a contract with the cloud vendor, usually in the form of service-level agreements (SLAs). In this blog post, I include a range […]

Read more

How To Qualify Cloud Vendors

We recently completed a 21 CFR Part 11 gap analysis engagement for a client that was largely using SaaS applications, but had no cloud vendor qualification process in place. They had just been allowing each business unit to select the applications that met its user requirements, accept whatever validation documentation the cloud vendor supplied (if […]

Read more

Who Is Responsible For The Compliance Of Cloud Systems?

Any time you take advantage of a cloud service – infrastructure, platform, or software – for a regulated purpose, you are ultimately responsible for its regulatory compliance, not the cloud vendor. This is critical for you to remember. So, how can you ensure regulatory compliance of a software system you did not build, you do […]

Read more

Cloud-Hosted Terminology: Types Of Systems

As we continue our series on maintaining regulatory-compliant cloud systems, let’s touch on a few key terms. Below are explanations of the primary cloud-hosted offerings available in the market. Infrastructure-as-a-Service (IaaS) When you purchase a software system and opt to have a vendor host it for you instead of installing it on servers you own, […]

Read more

Refresher: Which IT Systems Are Regulated

If your company makes drugs, medical devices, or biologics (vaccines, blood and blood components, allergenics, somatic cells, gene therapy, tissues, and recombinant therapeutic proteins), it is regulated. If your company is regulated, then every IT system you use to design, develop, conduct trials, manufacture, package, label, store, distribute, install, or service your products is also […]

Read more

Maintaining Regulatory-Compliant Cloud Solutions

The benefits of cloud hosting – including Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) – are very clear: less upfront capital, faster implementations, scalability and elasticity, and no need for individual companies to maintain physical space, hardware, and/or technical staff for support. But there are also several risks to consider, including physical and technical security, […]

Read more

Streamlining the Manufacturing and Automotive Treasury Function

The strategic vision of the manufacturing and automotive treasury function is to deliver efficiency, control, and scalability. The logical structure for this transformation includes several key components: business events, centralized demand deposit accounts with banking connectivity, and a reporting data warehouse. A comprehensive finance and treasury transformation program can help improve cash and liquidity management, […]

Read more

FDIC Part 370 Testing Support

Each phase of a company’s Part 370 response will have to undergo rigorous testing to ensure that all the regulatory requirements are met and the FDIC’s ongoing testing will produce satisfactory results. Our industry-leading DevOps organization that can assist with: Test planning and execution Defect tracking and reporting Requirements traceability Continuous integration As with requirements […]

Read more

Requirements Gathering For FDIC Part 370

For each of the technical work streams involved in a company’s Part 370 response, requirements will need to be defined and vetted with key stakeholders across the organization, as well as potentially with regulators. We have extensive experience creating business, functional, and technical requirements across a number of different companies in the financial services space. […]

Read more

FDIC Part 370 Program Management

A bank’s response to Part 370 will require a multi-year, multi-functional program that could encompass dozens of individual projects. Given the scope and scale of affected institutions, most will already have several layers of project management responsible for different areas of the business. A strong response to Part 370 will need to integrate those different […]

Read more

Process Reengineering For FDIC Part 370 Compliance

In order to support the initial and ongoing response to Part 370, most organizations will need to implement new processes around data and account management, reporting, and file generation. While each of these process updates can happen individually under those projects, it would be beneficial for a company to take a holistic approach to process […]

Read more

FDIC Part 370 Report Design

Part 370 requires two annual reports to be generated by covered institutions, and while the general requirements for each are laid out in the rule, there is little specificity about how the reports must be structured or formatted. We have experience designing reports to accommodate banking regulators and is positioned to help a company design […]

Read more

File Generation For FDIC Part 370

The FDIC requires a set of four files to be available within 24 hours of a bank’s failure, and responding companies must design how these files will be generated, stored, and transmitted. Having the data available to respond is a critical first step, but thought must put into how the company will actually take that […]

Read more

FDIC Part 370 Implementation Road Map

Evaluating where a bank stands today and where it needs to be in relation to Part 370 is of paramount importance in the early phase of the company’s response to the FDIC. Putting together a coherent road map that lays out concrete projects to be undertaken will allow the company to mount a coordinated response […]

Read more

FDIC Part 370 Readiness Evaluation

The first thing any bank has to do in its response to Part 370 is evaluate its current state of readiness. We are well positioned to help firms assess readiness along a number of dimensions: Data availability and reliability Systems architecture Infrastructure Organizational structure We have helped dozens of organizations, both within financial services and […]

Read more

Data Stewardship For FDIC Part 370

The basis for any response to Part 370 will be a thorough analysis of customer, account, and deposit data across the organization. This can be a massive undertaking at an organization the size of those targeted by Part 370. We have led dozens of data analysis and remediation efforts across industries, including: System identification: Looking […]

Read more

Energy Industry Needs Fewer Counterproductive Regulations

While the industry is seeing much innovation, and while energy companies are doing positive work in communities and around the world, there is no question that the industry still faces several serious challenges. The industry needs fewer counterproductive industry regulations and, instead, better policies that leverage free trade and support innovation. Free trade can lead […]

Read more

Subscribe to the Weekly Blog Digest:

Sign Up