Hewlett Packard Compliance with governmental and industry-based regulations such as the Sarbanes-Oxley Act, Basel II, HIPAA, FDA, and SEC 17a3-4 are presenting major business challenges for companies today. Most companies are realizing that in order to achieve compliance, the cost will be too much and drain valuable IT resources. Many companies realize that requirement for compliance is not going away. To meet the compliance challenge, organizations will need to shift their focus from a “once and done” mindset to one of “sustained compliance” (Hewlett-Packard Development Company, 2005, p. 3). HP provides solutions to assist enterprises maintain compliance in a changing regulatory environment while realizing business benefits from their compliance investment. HP sees compliance as a process rather than a project. Compliance is a global, evolving and unavoidable reality that affects all businesses (Hewlett-Packard Development Company, 2005, p. 4). For example, HP’s Solutions for Sustained Compliance minimize risk, improve control and efficiency, and reduce costs through improvement of business processes and the automated management of people, processes, and technologies. The Sarbanes-Oxley Act of 2002 (SOX) was passed in the hopes of rebuilding investor confidence after the Enron and WorldCom corporate accounting scandals (Hewlett-Packard Development Company, 2005, p. 3). Although legislation can be complicated and sometimes vague, the main theme is to ensure the integrity of financial reporting for publicly traded companies in the United States. Complying with SOX can be difficult because it was not written specifically with information technology or information security in mind. However, many sections within the act directly affect these functions in t ...