Companies that have deployed new systems to comply with government regulations such as the Sarbanes-Oxley Act are finding these investments can do double duty by helping them to improve business processes, according to a survey of 332 companies by AMR Research. Nearly 75 percent of respondents plan to use their compliance investments to support other activities, such as streamlining business processes.John Hagerty, vice president of research with AMR, says regulatory mandates have put a new spotlight on IT as a means to mitigate business risk. Prior to these mandates, risk management didn’t get executive attention. CEOs and boards were reluctant to invest in technology to combat risk, he says. But Sarbanes-Oxley especially has made them more attuned to the technology underpinnings that compliance requires. “So you see the board open its wallet to fund some of these programs,” says Hagerty. One area where compliance mandates have prompted support is for security and identity management. Sarbanes-Oxley, for example, requires appropriate access controls to corporate systems so that an employee cannot change data unless he is authorized to do so. And so, CIOs have permission to deploy access management systems and procedures that they may have been unable to justify previously.Meanwhile, Hagerty adds, the emphasis of Sarbanes-Oxley on process controls fosters greater awareness of quality assurance. The required reviews prompt companies to examine processes that are not working well or controls that are failing. Sarbanes-Oxley has also provided support for business process management (BPM). Sarbanes-Oxley compliance depends on standardizing processes so that points of failure are minimized. BPM technology supports this standardization across a company. Best Practices:Compliance comes first. Focus on what is absolutely required to satisfy the regulatory mandate. Determine what types of training, new business processes and software you will need to meet the requirements.Indentify double-duty investments. CIOs have a global view of the company that other business leaders do not, says Hagerty. Use that knowledge to target compliance investments toward processes that need improvement. Because other business leaders will likely view compliance spending as an expense, explaining the business benefits can help make the case for investment in new technology.Watch for overlap. Many regulations have common business requirements, such as managing documents and records, standardizing business processes, creating reports, managing risks, and implementing security and audit controls. You may be able to use the same applications to comply with multiple regulations. Related content BrandPost Stay in Control of Your Data with a Secure and Compliant Sovereign Cloud By Stan Kwong Mar 23, 2023 6 mins Cloud Security Cloud Computing News Accenture to lay off 19,000 to cut costs amid economic uncertainty Technology services giant Accenture will continue to hire but meanwhile is cutting staff to streamline operations in the face of economic headwinds. By Anirban Ghoshal Mar 23, 2023 2 mins IT Consulting Services Technology Industry BrandPost Advice from procurement: How to evaluate and propose new IT investments By clearly defining needs and requirements, evaluating TCO, and performing risk assessments, procurement and IT teams can work together to help their business leaders make more informed decisions for an improved bottom line. By Bo Bradshaw, Edgio Procurement Director Mar 23, 2023 5 mins SaaS BrandPost Why AI is key to hiring and retaining developers Data shows that the opportunity to build AI-powered apps figures very prominently in where developers decide to work. By Bryan Kirschner, Vice President, Strategy at DataStax Mar 23, 2023 4 mins Artificial Intelligence IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe