Manufacturing organizations manage, maintain and share highly sensitive data. This data includes critical and confidential items such as new product ideas, product plans, vendor relations/business terms, investments, inventory, shortages, plans for expansion or reduction as well as key information about employees.
Manufacturing organizations must comply with federally mandated regulations such as:
Sarbanes-Oxley (SOX) regulates corporate financial records and provides penalties for their abuse. SOX defines the type of data that must be recorded and retention policies. SOX also specifies the kinds of controls that must be in place, and the testing requirements for key controls. It also deals with falsification of data.
The manufacturing industry is subject to the Health Insurance Portability and Accountability Act (HIPAA) Security and Privacy rules. These regulations provide privacy rights and protection for healthcare consumers' protected health information (PHI, or EPHI for electronic information). In addition, the regulations are very specific regarding requirements for IT security. The HIPAA Security rule includes 74 specific requirements, spanning Administrative, Physical, and Technical Safeguards.
Many manufacturing organizations manage themselves to ISO standards. ISO 17799 is an information security standard that provides best practices for initiating, implementing or maintaining information security programs.
Manufacturing companies often rely on outsourcing partners to manage aspects of their operations. With this much information being exchanged, and given how critical it is to comply with the federally mandated regulations, maintaining and controlling the compliance program can seem nearly impossible.
Additionally, with significant amounts of critical information being shared internally and with a significant number of suppliers and partners, there is a high degree of risk that sensitive customer information can be accidentally exposed.
Manufacturers are seeking solutions that enable them to more easily comply with the provisions of SOX, HIPAA, state privacy laws, and standards such as ISO 17799. As in other industries, manufacturers are seeking to leverage their compliance efforts across multiple regulatory mandates.
For manufacturing organizations, the ControlPath Compliance Suite enables a single, continuous compliance process that ensures compliance with SOX, HIPAA, ISO 17799, and other compliance regulations. Given the distributed nature of manufacturing operations, the self-assessment process provided by ControlPath can facilitate compliance in a cost-effective manner. ControlPath increases the effectiveness and timeliness of all compliance efforts, and significantly decreases the cost of compliance for manufacturing organizations. The ControlPath Compliance Suite automates the entire compliance and risk management process.