Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
June 17, 11:30 AM - 12:30 PM U.S./ET (GMT-4)
Larry Bonfante, CIO of the U.S. Tennis Association, will discuss the skills and approaches that your rising IT leaders must learn to be effective in an executive capacity.
How to Handle Your New CEO: Managing Turnover at the Top
June 18, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)
Turbulent times have increased turnover at the top. Find out what Council CIOs have done to "break in" new CEOs—build relationships, set expectations, educate on the role of IT.
Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships
July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)
We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.
Executive Competencies Assessment Tool
Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Tear Down that Silo: Compliance in the Executive Suite
Treating compliance as a one-time project may cost your business up to 10 times more for IT measures than for those who take a proactive and integrated approach.
October 01, 2007 — CIO —
The difficulties of complying with regulations aren't going away; however, there is vast opportunity for organizations to gain competitive advantage by developing the right information technology infrastructure, policies and processes.
Companies looking to stay off the compliance hot seat should develop a repeatable compliance framework, a centralized control mechanism and a top-down organizational structure to implement compliance procedures across the organization. Doing so can help organizations respond to requirements in a faster, more flexible manner.
Companies that treat compliance as a one-time project, on the other hand, may spend up to 10 times more on IT-related measures than for those who take a proactive and integrated approach, according to research firm Gartner.
As threats of accounting scandals, terrorist attacks and data breaches multiply, the importance of laws such as Sarbanes-Oxley and HIPAA is more apparent than ever. Accordingly, the executive suite is becoming more involved with compliance strategy and is demanding increased oversight.
Despite this increased urgency, however, many companies still tackle compliance only when they need to meet a requirement by a certain deadline or avoid lawsuits. Smart companies see an opportunity to build a service-oriented architecture (SOA) as an IT backbone to assess the effect of compliance on business processes and develop a unified approach to replace manual siloed processes.
Employing a Centralized Control Framework
Rather than addressing individual requirements, leading organizations are looking at a centralized control infrastructure based on SOA to manage critical business processes.
To build this framework, the first challenge is the collection and analysis of compliance data that is captured across different repositories within an organization in a consistent, reliable and predictable manner. This can be exacerbated by the relentless deluge of data.
Organizations then have the difficult task of managing the enormous amounts of data effectively and making sense of the information they have collected over the years. They continue to struggle with locating and governing data, determining its worth, classifying risks and identifying whether they have adequate control measures in place. Further, many companies aren't sure how to measure progress around these problems.
Not having an adequate method of governing and measuring data puts the organization at risk. For example, to achieve compliance, organizations should be cognizant of the business impact of an IT outage and have real-time data to assess the availability of mission-critical business capabilities.
Having a centralized control framework allows companies to effectively implement policies while providing a linkage to business controls, including controls over financial reporting. It helps protect sensitive information from unauthorized disclosure, safeguards the accuracy and completeness of information, ensures that information and vital IT services are available when required, and provides information and services with a high level of efficiency.
Better Position your Company to the Investment Community
Investing in Business Analytics Technology
Don't Sacrifice Speed
Virtualization: Unparalleled Agility
Effective Service Management Eases the Virtualization Transition
Meet Rising Demands on IT and Cut Costs
Capitalize on Your SAP Content
IT Consolidation Made Easy
Webcast with Dan Vesset: Investing in Business Analytics Technology
Enterprise Cloud Computing: Ready for Primetime?
BSM in the Field, Practical Insights from Peter Armaly
BMC Service Assurance Demo
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
US FTC Web Site Down Monday
Some Oracle Users Irked About Support Site Switch
Rackspace to Issue As Much As $3.5M in Customer Credits After Outage
Symantec Releases Disaster-Recovery Statistics
Prosecutors Search Offices At Acer's Smartphone Subsidiary
Symantec Desktop Security Software Boasts Reputation Analysis
Broadband Subsidy: Too Much Money, but Mostly Well Targeted
Programmer Steals Wall Street Trading Code, FBI Alleges
The Tech Industry's Most Baffling Buzzwords: a Brief Guide
Even Consumer Reports Finds Smartphone Ratings Are Tough
