Lack of IT Governance Complicates Compliance with Costly Consequences
By David Almquist and Lane F. Cooper
BizTechReports.Com
Nearly a third of IT and business managers indicated that the board of directors and senior executives do not properly support IT governance, risk management and compliance initiatives, according to a survey conducted by Enterprise Management Associates (EMA),
"IT GRC has become a very loaded term, with incredibly high expectations. Yet, it is still loosely defined, let alone well understood. This limits the ability of senior management to support IT GRC initiatives, resulting in greater exposure to risk and - worst of all - hampering the ability of IT to deliver tangible business value," said Scott Crawford, EMA research director.
One exposure is the reliance on manual processes. “In fact we find that the number one compliance tool today - worldwide - is a spreadsheet,” says Marne Gordan, Corporate Security Strategy Group at IBM. “
Automation would save substantial time and trouble, reducing duplicated efforts and providing more reliable test results along with more proof to give senior managers and auditors that controls are functioning effectively. “Third-party auditors can’t accept a spreadsheet as proof,” said Gordan
Recommended solutions
- Drive business value with Web Portals
- Complex Systems Development (US)
- Compliance management with Rational software (US)
- Enterprise Content Management Compliance Management
- Global development and delivery
- Identity Management (US)
- Tivoli Security Compliance Manager (US)
- User Compliance Management (US)
- Web application security (US)
- IBM Rational web compliance (US)
Additional information
- Analyst report: IBM makes its case for leadership in governance and risk management (PDF, 233KB)
- Blog: Steve Adler, Director, IBM Data Governance Solutions (US)
- Help manage costs and license compliance in mainframe environments (US)
- Library: IBM governance and risk management resources (US)
- Solution sheet: Establish and Maintain Secure Card Holder Data with IBM PCI Solutions (PDF, 332KB)
- White paper: Enhance enterprise security and compliance for lines of business with flexible solutions (PDF, 260KB)
- Services, Software and Hardware which will help you to meet your total PCI Compliance needs (US)
- IBM Global Financing Solutions (US)
Contact IBM
Security and compliance solutions
- Register to download
Enhance security and facilitate compliance with the IBM User Compliance Management solution
