Companies' IT Systems Not Compliance Ready

Oct. 5, 2006
When it comes to compliance issues, many companies do not have the necessary IT infrastructure and are therefore unprepared for audits, regulator requests or even lawsuits. According to a new study, "Compliance Enabled Enterprise (CEE) the Future: ...

When it comes to compliance issues, many companies do not have the necessary IT infrastructure and are therefore unprepared for audits, regulator requests or even lawsuits. According to a new study, "Compliance Enabled Enterprise (CEE) the Future: Building the Compliance-Enabled Enterprise," issued by Business Performance Management Forum, less than half of IT executives consider compliance to be a "critical initiative with full management support" and 40% report their own company's IT execs don't understand current regulations well enough to effectively implement compliance technologies and policies.

"This issue clearly represents a serious threat to corporate America: More than just a matter of building appropriate IT infrastructures and managing information, it represents the potential failure of top management to do the heavy lifting needed to achieve true compliance: locate resources, implement the right technologies, develop viable policies and procedures, ensure enforcement," said Donovan Neale-May, executive director of the BPM Forum.

"In recent years, courts and regulatory agencies alike have been willing to impose harsh penalties on enterprises that are not up to par. This study indicates that the apparent corporate focus on compliance has not translated into strategic and tactical initiatives that have an impact on business operations, and this leaves many companies vulnerable," Neale-May added.

Other findings from the report, developed in partnership with Chief Executive Magazine and the IT Compliance Institute, indicate that 47.3% of all senior executives are concerned that their companies' failure to effectively archive and manage all of their electronic content represents a critical liability for their organization. Add to that the fact that 33% of the respondents say they have no corporate policy covering electronic records management (nearly 20% don't know whether they even have a policy). Although lawsuits are a threat, 36.4% say their companies have no technologies or policies whatsoever in place to manage a legal discovery order involving electronic records

The full report -- "CEE the Future: Building the Compliance-Enabled Enterprise" -- is available by visiting www.bpmforum.org or www.axsone.com.

Interested in information related to this topic? Subscribe to our twice-monthly Information Technology eNewsletter.

Sponsored Recommendations

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!