[This column lets experts in the information technology industry discuss the challenges and trends in their special niche in the marketplace.--Ed.]
Business executives face a monumental dilemma as they find themselves caught in tough economic conditions, competitive pressures, and mounting compliance demands.
So what's the mantra of the day? Try containing costs while continuing to drive productivity. This is a tall order for CIOs who have already slashed their 2009 IT budgets and feel the pinch from runaway compliance costs.
As new regulations continue to grow in number and complexity, never-ending compliance projects divert precious staff time and operating budget away from growth-supporting initiatives to reactive activities, such as regulatory audits.
And the future doesn't look any brighter. With the crumbling of Wall Street, we can expect the burden of compliance to grow exponentially as the government responds to current risk management inadequacies with an onslaught of new rules and regulations.
As demands to control the bottom line increase and regulators become even more aggressive, over-investing in compliance-related programs can negatively impact a company's ability to fund future growth initiatives. When this storm cloud passes, companies that fail to evolve may be left in the dust.
How to Beat the Budget Crunch
For CIOs who want to break out of the current inflated threat and compliance-driven spending model to develop more resilient and cost-effective processes, I've provided the following budget-saving tips, ideas, and solid practices:
* Tip No. 1: Perform an inventory of IT and security infrastructure assets. Companies with geographically dispersed data centers and computing assets have difficulty collecting data and classifying assets. New compliance automation technologies can aggregate data across infrastructure, assets, and locations, freeing up precious resources and, ultimately, money spent on manual processes.
* Tip No. 2: Automate collection of "tribal knowledge." Reliance on paper-based surveys and manual data-collection processes can be a slow, complex, and error-prone process. Moving to web-based surveys and workflow drives faster decision making and more timely and cost-effective compliance and provides the data for improved visibility across organizational boundaries.
* Tip No. 3: Centralize policy management. Large IT organizations spend excessive time and resources on creating, distributing, and managing IT policies. Today's IT policy automation products can help businesses keep up with this monotonous task and cut costs by offering advanced survey capabilities and highly automated tools.
* Tip No. 4: Use technology to map compliance controls. Translating general statements of laws and regulations into specific and defensible controls for compliance is one of the most difficult and time-consuming challenges of compliance. Today's compliance solutions come with controls mapped out of the box: Simply select the applicable regulations, policies, and standards with a click of a mouse to automatically map controls. …