Why Compliance Pays: Reputations and Revenues at Risk - Research Report

Research done by the IT Policy Compliance Group reports the dissimilarities between compliance leaders and laggards and illustrates how compliance leaders are making compliance pay for them.

West Des Moines, IA, August 09, 2007 --(PR.com)-- Few days back IT Policy Compliance Group publicize the availability of its latest benchmark research report titled “Why Compliance Pays: Reputations and Revenues at Risk.” The report clearly demonstrates 9 in 10 organizations are exposed to financial risk from data lost or data stolen due to not leveraging compliance and IT governance procedures. It further reports organizations with the best IT compliance results have the least business downtime from IT security events. The benchmark research also goes on to reports that chance of loosing or stealing of data is once every three years or sooner for compliance laggards, compared to once every 42 years or later for compliance leaders.

Data management plays a significant role in any organization but if not properly maintained there is severe chance of data loss or stolen which might impact the organizations’ reputation and financial risk, but same can be reverse by implementing proper compliance management procedures and control tools. It is having said that percentage of data loss or data stolen risk value is quite high than the amount spent on compliance and data protection financial value. The returns on investment in compliance for larger enterprises starting at 1,000 percent and improving to 100,000 percent, good compliance pays for itself.

The research shows that successful firms, those with the fewest data losses and thefts, are driving operational excellence in IT by improving compliance results, especially in IT general controls and IT security controls and procedures. More notable, the benchmarks show the least data loss among firms that are monitoring and measuring controls against objectives consistently, at least once every two weeks.

“An effective IT governance process with concise IT control objectives, along with the right mix of built-in IT controls, allow businesses to set policies and measure against those policies in a consistent manner,” said Everett C. Johnson, CPA, International President of ISACA and the IT Governance Institute. “By creating a measurable and repeatable IT compliance program, businesses are able to adequately produce data and ensure a high level of compliance.”

Based on what is working among organizations with the fewest data losses, the IT Policy Compliance Group report identifies several practices that can assist businesses with improving IT compliance results, reduce business downtime, and reduce data loss and theft. These steps include:

Implementing more and appropriate IT controls
Reducing control objectives, making it easier to communicate, measure and report against
Establishing higher standards for performance objectives
Encouraging a culture of operational excellence in IT
Conducting monitoring, measurement and reporting of controls against objectives at least once every two weeks
Allocating more spend to controls automation

In addition to spending larger percentages of the IT budget on IT security controls, the firms with the fewest undisclosed latent data losses and least number of compliance deficiencies are reallocating monies away from external contract spend towards additional funding of equipment and software, specifically targeted at automating the monitoring and measurement of controls and procedures.

To view the research report, please visit http://www.compliancehome.com/symantec/compliance.html

About Compliancehome.com:
Compliancehome.com is a part of Supremus Group LLC

www.ComplianceHome.com is the online regulatory compliance portal focused on delivering the latest news, events, white papers, webinar, audio conference, seminars, articles, products and vendors, and jobs related to compliance of HIPAA, SOX, FISMA, GLBA, FFIEC, FDA, Basel II, OSHA and ISO 17799.

They request all professionals to contribute to this site to make it the biggest compliance library of resources. If you have articles, white papers, conferences, events, seminars, online training, news, compliance related training or have web content we should link to, that you believe their visitors would find of interest, please visit any of our submit pages and submit your information. (They will review your content before it is included in the site).

Contribute to their website:

Add your White papers for free: www.compliancehome.com/submit/whitepaper.html
Submit Events for free: Training, Conference, Seminar, Webinar, Audio Conference: www.compliancehome.com/submit/event.html
Submit Resources: Articles, Archived Webinars & Audio Conferences, Regulation Overviews and PowerPoint Presentations: www.compliancehome.com/submit/resource.html
Add Products and Services: www.compliancehome.com/submit/product.html
Add Press Releases: www.compliancehome.com/submit/pressrelease.html

Supremus Group LLC
Mike Milkhe