Compliance is driving up IT costs

Organisations are today spending more resources and efforts than ever to cope with regulations, according to a global study from enterprise software vendor CA.

Share

Organisations are today spending more resources and efforts than ever to cope with regulations, according to a global study from enterprise software vendor CA.

In order to conduct business in today's global economy, organisations have to comply with country-specific regulations and adapt when existing regulations change or are interpreted differently over time, said the report.

Nearly 45 percent of the companies surveyed reported an increase in the time and monetary resources required to ensure compliance with 13 regulations and industry standards found in countries around the world.

The study surveyed nearly 575 IT directors or above from large and mid-sized enterprises representing companies headquartered in Europe, North America, Asia Pacific and Central and South America.

The study revealed that the shifting nature of regulations is a factor in the escalating costs. 40 percent of European organisations, have reported the introduction of new regulations as a reason for increasing compliance expenses, compared to 55 percent of Asia Pacific organisations (where J-SOX was recently enacted), as well as 41 percent of North American and.

Changes to existing regulations were also reported to be a factor by 39 percent of Asia Pacific businesses, and by 49 percent of North American and Central/South American organisations, and by 34 percent of European organisations.

Manual processes, more work

The study also showed that most of the respondents relied on manual processes to achieve compliance, although manual processes and a lack of centralised control are contributing to spiralling costs in an increasingly regulated environment.

More than two-thirds of the companies surveyed reported that they maintained information about the status of their IT compliance controls in multiple spreadsheets and often within different organisational units.

More than 75 percent of respondents said that the operation, testing, monitoring and reporting of IT controls were at best a combination of automated and manual processes.

"This survey verifies what we regularly hear from customers -- that compliance remains a big challenge for them in both direct cost and impact to business processes, and the issue grows with every regulatory change or addition," Lina Liberti, Vice President, CA Security Management, said. "Automation of compliance processes and centralisation of controls is a key ingredient for how businesses can bring efficiency to their compliance processes."

Of the 13 common standards and regulations evaluated, the study showed that Sarbanes-Oxley Act of 2002 (SOX) had the biggest impact on cost, IT and the overall business. SOX was followed in cost by CLERP-9, an Australian corporate accountability regulation, and in impact on the IT organisation by Basel II, a global standard that governs the capital adequacy of international banks.

Find your next job with computerworld UK jobs