George Gardiner
George Gardiner

Governance rules OK

Corporate governance rules will be top of firms' agendas in 2005

Written by George Gardiner

I was somewhat surprised to hear from a client that one of the biggest issues for his organisation in 2005 is compliance with Sarbanes-Oxley (SOX) corporate governance regulations. I had assumed the issues were fairly well understood and were being addressed. But it seems firms are struggling with the day-to-day problems of implementing SOX as an integral part of their processes.

Affected firms recognise the need to comply with SOX, Basel II finance rules and other corporate governance regulations, and now software vendors are launching products to help them.

Competition and variety in the software market is a good thing, but suppliers and potential customers need to be a bit more cautious. I'm not sure everyone understands what compliance is, particularly as it differs for each business. Compliance is not just a case of ticking a box.

Whatever measures are introduced, they have to satisfy an objective externally mandated set of requirements. In particular, you cannot have a compliance product that has weak security.

Compliance is about verification and authentication. Even software vendors who promote security and accountability as key features in their applications sometimes miss the mark.

Security and accountability have to apply from the system administrator down to the end-user and through all stages of the information lifecycle from the cradle to the grave. If the system administrator is not fully audited how can you ever prove that he or she hasn't altered the data? As an IT manager I would want the comfort of knowing that I am audited, otherwise the finger of blame will always be pointed at me.

Security and accountability also means that there have to be checks on the source and accuracy of the data. Both initially and throughout its life, data has to be secured in your systems, and it has to be securely archived. Encryption and access control is an absolute must.

In this minefield of legislation and regulations we find the Data Protection Act waiting to trap the unwary. Firms will have to take a pragmatic, sensible approach, ranking their compliance requirements by importance to the business and then dealing with them in order of priority. It is also possible that some firms will not be able to afford full compliance.

There are quite a few acquisitions taking place at the moment, as smaller firms are being taken over by larger ones. This raises another issue - the need to verify that the acquiring business gains ownership of the intellectual property rights it wants.

Unfortunately, nothing replaces a proper due diligence exercise. It is costly, but if you don't know what you are buying how can you value the business?

Every acquisition brings with it a complete can of worms. I am in the business of sorting these problems out, but I would prefer it if most of them were prevented or known about in the first place. I don't like surprises, particularly when they are costly. As tedious as it is, you simply have to conduct a proper due diligence process.

Tags:

reader comments

related articles

Sun will work with consultancy partners to help customers prepare for compliance legislation

Sun comes out for UK compliance

Partner programme aims to demystify UK regulations 23 Mar 2005

 

related whitepapers

today's top stories

Update and consolidate

Many firms still make do with a patchwork of aging e-commerce systems, but as the ability to conduct and grow business online assumes ever greater importance, such companies are unlikely to be around for long. So how should IT chiefs gear up for the challenges ahead? Martin Courtney finds out 14 Jul 2009

CIO priorities for the next six months: the Gartner view

Gartner research director Dave Aron outlines the three key priorities for IT leaders during the second half of 2009 13 Jul 2009

The wishful CIO – the further adventures of Bob

Like a phoenix, Bob has risen from the ashes of his once fast-tracked career . He is pursuing a green agenda as... 10 Jul 2009

Infallabile opposition to outsourcing

The Holy Father, Pope Benedict, has warned of the dangers of outsourcing. Yes, you’d better believe it. The Vatican is now stepping... 10 Jul 2009

Google Chrome OS - We didn't see that coming did we?

Reading through the various news and blog sites on the internet it seems the wheels of the rumour mill are turning apace... 10 Jul 2009

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

Job alerts

Sign up here

Find your next job

IT Salary Checker

Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will Google Chrome OS be a genuine alternative to Windows?

Will Google Chrome OS be a genuine alternative to Windows?

Tell us your views on the new operating system rivalry

View poll results

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

Latest in-depth articles

A man working in a warehouseFeatures

Update and consolidate

Many firms still make do with a patchwork of aging e-commerce systems, but as the ability to conduct and grow business online assumes ever greater importance, such companies are unlikely to be around for long. So how should IT chiefs gear up for the challenges ahead? Martin Courtney finds out 14 Jul 2009

Laptop showing GHD web siteFeatures

Case study: GHD

Analytics upgrade ensures hair grooming firm is a cut above 14 Jul 2009

Advertisement

Primary Navigation