Compliance Toolkit

Compliance: Aligning IT and strategic goals

Tags:
Compliance

Mark Vernon Tech Republic

Published: 27 May 2005 12:05 BST

The IT department has always had to shoulder some of the responsibility for compliance with current laws regarding enterprise data. But according to a new report from the Economist Intelligence Unit (EIU), the future will see that burden on IT grow even more. According to the report, 45 percent of IT executives, from across the globe, said that the top three compliance activities they were engaged in were security and privacy, document retention, and financial regulation.

Luckily for financial services, one of the most heavily regulated industries, IT vendors are providing a competitive array of compliance solutions. A number of storage, data-backup, and disaster-recovery products are proving invaluable when coping with the demands of regulation, new and old. IT's role in compliance is growing because regulation increasingly requires that business activities be monitored, audited, and scrutinised; this translates to the storage and retention of vast amounts of data — and only technology can handle that load.

"The nature of IT's role in compliance varies widely among companies, but it's clear that growing regulatory requirements are giving IT specialists in companies a lot more work and bringing them into contact with different corporate departments," says Nigel Holloway, director of executive services for the Americas at the Economist Intelligence Unit in New York. "Companies may not realise it now, but in time this will help to involve IT professionals in broader corporate strategy."

However, just because technology can assist with compliance, does not mean that it comes cheap. And this is making for a further imperative: spending on compliance must be linked to the investment in wider business goals. For many, this is likely to be the only way they can justify the expenditure compliance necessitates. According to the EIU, over half of the executives they spoke to said that the annual expenditure in this area of IT is expanding by over 10 percent a year.

Moreover, integrating budgets is not enough. Compliance needs to be seen as a strategic concern too — furthering the commercial goals of the business. Aligning compliance and business goals

A good case in point is BankAnnapolis. This local Maryland bank, founded in 1990, serves small businesses and individuals through six community-banking offices across the greater Annapolis area. The challenge it faces is that, although it's a small operator, it still has to comply with the regulations at which large banks throw millions of dollars.