Judging from the results of this month's research (a joint CIO Insight/Gartner EXP survey of CIOs on the status of their Sarbanes-Oxley compliance programs), most CIOs feel optimistic about their efforts.
Judging from the results of this month's research (a joint CIO Insight/Gartner EXP survey of CIOs on the status of their Sarbanes-Oxley compliance programs), most CIOs feel optimistic about their efforts. Their compliance mechanisms will be completed on time, and the necessary financial data will be rationalized—though it will take a lot of work. Becoming compliant will cause significant business disruption for a while, but things should calm down after the first year. And half of CIOs expect to reap a range of business benefits, including business process improvements, from their efforts.
It's good to be optimistic, and CIOs have some reason to be. More than 87 percent of respondents think their top executives take Sarbanes-Oxley compliance seriously, and, since executive sponsorship is the single most important success factor for any project, it's not surprising that almost the same percentage of CIOs think their companies will be compliant by their deadline.
Most CIOs, however, think they'll get something more than bare compliance for their efforts, and we wonder if that's being a bit too optimistic. Almost half the CIOs who responded to the survey said their companies will do the minimum necessary to achieve compliance. Can those CIOs really get value—improvements in business processes—that they haven't paid for?
CIOs cite problems with data structures, difficulties ensuring adequate security and business continuity, and variations in infrastructure between business units as three of the top four obstacles to compliance. These issues are closely related; they are the result of years of building information systems one-by-one in complex organizations, where data definitions, business rules and operating procedures are set department by department. A big company might have dozens of definitions built into its information systems for something as fundamental as a "product" or a "customer," and it might have hundreds of conflicting business rules for managing the data. For a company that's grown rapidly via mergers and acquisitions—as many have over the past decade—the problem is compounded.
Vizard: Breaches, Flaws and Security, Oh My!
Just about every customer on the planet is realizing that the biggest issue they have is not a lack of security devices, but rather that all their devices are typically mis-configured.
HP StorageWorks Scalable NAS is highly available, scalable network-attached storage for any industry solution. To learn how you can take full advantage of fault-tolerant NAS that seamlessly scales capacity and performance, visit:
http://www.hp.com/go/scalablenas
Microsoft-hosted solution offers you advanced customer relationship management capabilities without a major investment in IT and staffing.
Try It for free for 30 days!
Solution Builder 
