Supporting Compliance Requirements

Ardenno products are enablers within an Active Compliance Framework for a long-term architectural blueprint designed to identify the scope of the roles that need to be supported, the business capabilities needed, and the core enabling application infrastructure supporting the required access roles and enabling the business capabilities. Ardenno ensures that secure access to information is available to foster improved collaborative capabilities within the context of a compliance framework environment.

Regulatory compliance is an important business driver for implementing Collaborative Knowledge Management solutions like Ardenno. Compliance has evolved from an isolated quality initiative within a department to an enterprise-level challenge, based on regulatory requirements such as 21 CFR Part 11 and Sarbanes-Oxley. The shift requires new organizational models, new processes and controls, and a new approach to technology support for the compliance effort.

Leading pharmaceutical and biotechnology companies, as well as others in highly regulated industries, have started to invest in architecture that not only scales to support the compliance initiative of the day, but creates business and IT capabilities to address business performance, accountability, and compliance simultaneously. The combination of performance management and compliance is the essence of Active Compliance, where every adverse event, compliance requirement, or quality issue is seen as an opportunity to drive the business to improve.

Today’s increasing focus on compliance and risk mitigation forces many enterprises to lock down and better manage documents located on the notorious shared drive. However, as one senior IT architect said, “we had the mandate from our corporate counsel and replaced one file share. Then we ran into trouble as soon as archive and retention policies starting kicking in.” Unable to find the needed documents, this enterprise’s employees quickly revolted, complaining about reduced productivity. The users couldn’t find the information they needed to get their jobs done; they began working around the system by managing and sharing documents through email. This behavior thwarted the project’s entire objective by introducing additional compliance and risk mitigation concerns.