Business executives face a monumental dilemma as they find themselves caught in tough economic conditions, competitive pressures, and mounting compliance demands. For CIOs who want to break out of the current inflated threat and compliance-driven spending model to develop more resilient and cost-effective processes, the author provided the following budget-saving tips, ideas, and solid practices: 1. Perform an inventory of IT and security infrastructure assets. 2. Automate collection of "tribal knowledge." 3. Centralize policy management. 4. Use technology to map compliance controls. 5. Streamline control testing and remediation efforts. 6. Eliminate the process overlap. 7. Focus on the most critical issues first.
InformationToday 21 www.infotoday.com December 2008 And overlap across compliance Insider’s Perspective teams is common. Compliance automation tools can help to IT Budget Relief Strategies eliminate redundancies, improve the consistency and quality of risk data, save time, and reduce the demands on managers. by SARA GATES | Agiliance, Inc. data-collection processes of compliance. Today’s compliance can be a slow, complex, and solutions come with controls • Tip No. 7: Focus on the most [This column lets experts in error-prone process. Moving mapped out of the box: Simply critical issues first. It can be the information technology in- to web-based surveys and select the applicable regulations, difficult for companies to prioritize dustry discuss the challenges workflow drives faster policies, and standards with a the criticality of control violations and trends in their special niche decision making and more click of a mouse to automatically across a range of assets. Having in the marketplace. —Ed.] timely and cost-effective map controls. a single analytic solution that compliance and provides the correlates data across disparate B usiness executives face data for improved visibility • Tip No. 5: Streamline control infrastructure, regulations, a monumental dilem- Sara Gates across organizational testing and remediation efforts. frameworks, and controls allows ma as they find them- boundaries. Regulatory compliance depends businesses to focus on the most selves caught in tough economic condi- upon the continuous monitoring critical issues first and avoid tions, competitive pressures, and mount- • Tip No. 3: Centralize policy and enforcement of thousands of unnecessary spending. ing compliance demands. management. Large IT IT controls. IT risk and compliance So what’s the mantra of the day? Try organizations spend excessive solutions can help companies containing costs while continuing to drive time and resources on creating, quickly detect and assess control The Secret to Thriving in Chaos productivity. This is a tall order for CIOs distributing, and managing IT violations by automating testing, Be proactive. Act intelligently. who have already slashed their 2009 IT policies. Today’s IT policy automation correlating, and communicating In every down economy, there are op- budgets and feel the pinch from runaway products can help businesses keep controls results to the owner(s) portunities to excel while others stand compliance costs. up with this monotonous task and of the business risks. still. Companies that make the transition As new regulations continue to grow cut costs by offering advanced from the current threat and compliance- in number and complexity, never-ending survey capabilities and highly • Tip No. 6: Eliminate the process driven business climate to a performance compliance projects divert precious staff automated tools. overlap. Large organizations and risk-driven business process will be time and operating budget away from typically must comply with multiple more resilient when new regulations are growth-supporting initiatives to reactive • Tip No. 4: Use technology regulations, each with independent enacted and better positioned for success activities, such as regulatory audits. to map compliance controls. processes, metrics, and audit when the economy rebounds. And the future doesn’t look any brighter. Translating general statements procedures. Companies can expect that a well- With the crumbl
Pages to are hidden for
"IT Budget Relief Strategies"Please download to view full document