The True Cost of Compliance
Survey reveals that doing the bare minimum is roughly the equivalent of an invitation to financial disaster.
Inertia is usually the single biggest obstacle most businesses encounter on a daily basis. Regardless of how much sense they make, certain processes are done the same way every day even though the reasons for why that is have been lost to antiquity.
What's interesting, however, is how many companies are finally re-evaluating their business processes not so much because they want to be more competitive, but because one or more new regulations have forced them to re-examine the way the company operates.
All too often, however, that process fails to result in any meaningful change because it's usually an effort that is driven from the top of the organization. The sad truth is that most senior executives don't have a lot of visibility into the processes that actually make the business work. What's required, says Alex Bender, director of security management and compliance marketing programs for the RSA Security Division of EMC, is an approach to re-engineering business processes that is driven from both the top and the bottom.
To help make that happen, EMC this week released an update to its governance, risk management and compliance (GRC) framework that includes more collaboration capabilities. The reality is that it's hard to keep momentum while driving major process changes over a span of months. EMC has upgraded the statistical analysis capabilities of its RSA Archer eGRC platform because, adds Bender, there really is no substitute for facts when trying to drive major organizational change.
Nobody is particularly in love with compliance, especially when it involves change that is being imposed from outside the organization. Compliance creates an opportunity to improve the condition of the business. The challenge is finding a way to not only figure out what to change, but, more importantly, how to make those changes stick.