NEWS

IT Policy Compliance Group Issues 2008 Report on Best Practices
Written by Ed Dickson
Published July 21, 2008

The IT Policy Compliance Group just released its annual report on the state of affairs of what it refers to as IT governance, risk, and compliance (IT GRC).

The goal of the group is to promote the development of research and information to assist IT and finance professionals meet their organizations' policy and regulatory compliance goals. They do this by providing information for organizations to improve compliance results by providing reports based on primary research.

If you take the time to check out their site, they have other items of interest to anyone charged with the ever growing responsibility of protecting systems from those who have the intent to compromise them.

The recently released report suggests that measuring the value delivered by IT has been traditionally associated with applications that have an impact on customer service, sales, expenses and profit. Unfortunately — as more organizations have their data compromised — the result of not protecting information can be a loss of revenue, added expenses (legal costs), and a loss of consumer trust. This is especially true if the compromise becomes a matter of public record.

Included in the report are an analysis of recent losses incurred by a large retailer ($530 million) and a large financial services firm ($100 million). The analysis takes into account the loss of revenue due to business disruption and loss of consumer trust in addition to the harder costs, such as legal expenses. Other analyses includes losses suffered by an automotive manufacturer and a rental and leasing company.

IT departments are constantly being challenged to be up and running 100 percent of the time to maximize efficiency. While doing this, they need to protect their data and adhere to legal and regulatory requirements at the same time.

The challenge is to manage business opportunity and risk at the same time. The 2008 report shows that the firms with the most mature practices in compliance and risk management are doing better and spending less to achieve their goals. This translates into more revenue, profit, and customer retention.

page 1 | 2
Having worked around financial crimes for a number of years, I noticed they seemed to be on the rise. One reason for this is technology, which grows more rapidly than laws designed to protect us from it. Although the blog is a resource to educate people on identity theft, it also strives to educate the common person on the rapidly growing problem of crimes enabled (made too easy) by technology and the Internet.
Keep reading for information and comments on this article, and add some feedback of your own!
Buy from Amazon.com
Building a Career In Compliance and Ethics Building a Career In Compliance and Ethics
Joseph E. Murphy and Joshua H. Leet
Book,

IT Policy Compliance Group Issues 2008 Report on Best Practices
Published: July 21, 2008
Type: News
Section: Sci/Tech
Filed Under: Culture: Business and Economics, Sci/Tech: Computers, Sci/Tech: Internet
Writer: Ed Dickson
Ed Dickson's BC Writer page
Ed Dickson's personal site
Spread the Word
Like this article?
Email this
Submit to del.icio.us Save to del.icio.us
RSS Feeds
All RSS Feeds (240+)
Comments on this article
BC articles by Ed Dickson
Culture: Business and Economics
Sci/Tech: Computers
Sci/Tech: Internet
All Sci/Tech Articles
All News articles
All BC articles
All BC Comments

Comments

Want comments emailed to you? No spam, promise! Address:

Add your comment, speak your mind

(Or ping: http://blogcritics.org/mt/tb/79209)

Personal attacks are not allowed. Please read our comment policy.





Remember Name/URL?

Please preview your comment!

Fresh
Articles
Fresh
Comments