A Time For Assessment - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Healthcare // Analytics
Commentary
10/4/2005
11:28 AM
Mitch Irsfeld
Mitch Irsfeld
Commentary
50%
50%

A Time For Assessment

Now might be a good time to check your audit readiness. The good news is, compared to last year, companies are seeing more benefits from their compliance efforts.

Having that queasy feeling in your stomach about the prospect of upcoming compliance audits? If so, good for you, it shows a healthy respect for the challenge ahead. But why not take advantage of some of the tools out there to get a snap shot of your audit readiness? What could it hurt, right? It might help to ease that acid stomach, and it just might turn up a potential problem or two that no one thought of. Either way, you win, and some of these tools are free.

Two compliance vendors last week brought out readiness evaluation tools and services. GlassHouse Technologies was up first up with its Compliance Readiness Solution, a package of evaluation services for CIOs that assess compliance readiness and identify and close potential gaps in companies' data handling procedures.GlassHouse captures organizational requirements from corporate risk management, legal and audit groups and assesses an IT environment against those requirements.

The GlassHouse service isn't free, but BindView's new audit readiness assessment tool is. The BindView Compliance Assessment Tool is a free download that includes a set of survey questions, measurement criteria and associated controls. We'll have to see if the service remains free following Bindview's announced acquisition by Symantec.

And for $99 per regulation, Network Frontiers is offering a database of audit questions spanning 60 different regulations and standards.

The Good, The Bad And The Indifferent

How about some self-assessments? Here's an off-the-cuff reading on the effectiveness of Sarbanes-Oxley. Our most recent reader poll asked readers to review the impact of SOX now that audit time nears for the second time. I'll start with the good news: A third of the respondents indicated that the controls put in place to manage SOX compliance not only proved effective but returned a net gain by improving business process and exposing information that could have remained hidden without the new due-diligence.

Slightly less, 30 percent of the respondents said SOX efforts were a net loss, costing too much for the benefit derived from the new systems that have been implemented.

And slightly more, 36 percent, said the entire SOX compliance effort has been a wash, meaning any of the benefit derived from new systems, processes and resources devoted to SOX compliance is offset by the cost of implementation and administration.

In case you're wondering, when we asked these questions last year, 47 percent of the respondents said it was too early too tell. We didn't provide that option this time, because I refuse to accept it. Last fall, 26 percent of respondents indicated a net gain from their compliance management practices; only 17 percent said it was a net loss and 10 percent called it a wash.

Unfortunately, most of those who weren't ready to commit last time around have become net losers and the fence riders. But still, 69 percent of the current sample is finding at least break-even benefit from its efforts.Now might be a good time to check your audit readiness. The good news is, compared to last year, companies are seeing more benefits from their compliance efforts.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
News
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll