Survey Finds Each Regulatory Compliance Effort Remains Its Own Domain; Silo Approach Prevails across Most Organizations
2008-07-14 12:30:00
Avior Survey Underscores That Organizations Have More Work To Do To
Optimize Compliance Programs And Processes
NASHUA, N.H.–(EMWNews)–Organizations are making progress in achieving regulatory compliance,
but nearly 75 percent are either still treating each compliance
regulation as an individual project or using manual methods to manage
compliance, according to a survey on compliance progress and issues
released today by Avior Computing Inc.
The bi-annual survey of IT compliance and risk executives by Avior found
that while some progress is being made on automating compliance
processes, silos of compliance still exist in a majority of
organizations, and these silos lead to inefficient compliance processes.
Overall, the survey found that organizations are making progress in
achieving compliance, but a surprisingly large number of organizations
are either still treating each compliance regulation as an individual
project, or using manual methods and tools to test for and manage
compliance, or both. Key survey response findings include:
-
Organizations are still largely treating each compliance regulation as
a separate project or silo. 43 percent of respondents are operating
this way, while 28 percent indicate that they are working towards a
unified compliance process, and another 28 percent have achieved a
unified process.
-
Assessments are an area where some optimization needs to occur: 70
percent of responding organizations use separate assessments, one per
regulation, while 30 percent are using a unified assessment spanning
multiple regulations.
-
Spreadsheets and databases remained the most popular tools used to
manage and track compliance, while compliance automation tools were
used by 42.5 percent.
The full survey report is available upon request by sending an e-mail to info@aviorcomputing.com.
“It is not surprising that organizations
continue to struggle with mapping of multiple regulations to common
controls and to assessment questions” said
Steve Katz, President of Security Risk Solutions, and former CISO of
Citigroup, Merril Lynch, and JP Morgan. “Managing
the compliance process with manual approaches will continue to be
challenging for organizations with multiple regulations and standards.”
Avior plans a follow-up survey in the fall of 2008 to explore some of
these compliance process issues in more detail.
“This survey confirms what our customers tell
us. IT organizations are besieged with compliance audits and reporting
status requests. The stakeholders in the organization are experiencing
survey fatigue from completing multiple overlapping assessments.”
said Steve McCalmont, Avior Computing CEO. “Our
clients tell us that implementing leveraged approaches to compliance
mapping and assessments allow them to be far more effective in their
compliance processes, and to get more done with less manual labor.”
About Avior Computing
Founded in 2003 by software and networking industry veterans, Avior
Computing is a leading innovator in compliance management solutions.
Avior ClearView is a dynamic SaaS mapping application that automates the
mapping of regulations, standards, controls, and assessment questions.
Avior BenchMark automates the process of assessing and managing
compliance for applications such as vendor risk and information privacy.
Avior BenchMark replaces costly and cumbersome manual assessments
involving spreadsheets and word documents with a streamlined and
automated process, enabling better risk decision-making, and
significantly reducing the pain and cost of manual assessment
activities. For more information, www.aviorcomputing.com.
|
Birnbach Communications |
|
Major Newsire & Press Release Distribution with Basic Starting at only $19 and Complete OTCBB / Financial Distribution only $89
Get Unlimited Organic Website Traffic to your Website
TheNFG.com now offers Organic Lead Generation & Traffic Solutions
