The report shows that continuous improvement in risk management and compliance with a focus on operational excellence is paying dividends. Organizations with a mature compliance process have evaluated their processes and made them part of the culture within an organization. While this encompasses the involvement of all facets of an organization, two key items are the support of senior management and training employees to embrace a culture of compliance.
The most mature firms have developed formalized training for their employees, supported by senior management, on subjects like ethics and codes of conduct, IT security and data protection policies, and legal compliance, as well as subjects like sexual harassment and discrimination. They have also developed processes and trained their employees how to deal with emergency situations.
The human factor is always the key to success in any organization. It makes sense that successful organizations focus their efforts through their most valuable resources, which are human beings. Very few exploits are successful without a healthy dose of social engineering.
Also of interest in this informative report is an analysis of results by industry and size. One shoe doesn't necessarily fit all and taking the time to examine all the different types of organizations that use technology to accomplish their goals makes the report a valuable read.
The report, which is located at IT Policy Compliance, is only available to members of the site. Saying that, the site is soliciting new members and the sign-up process is simple.
Besides this report, the site has a lot of other valuable information on it, also. I would recommend the site and its resources to anyone interested in the mysterious world of compliance because it takes it to the level of making sense and developing best practices that will benefit the overall objectives of any organization.
Article comments