Lack of governance and risk planning costs UK firms dear

Ad hoc approaches to governance, risk management and compliance are said to be costing the UK economy £1.5bn a year

Poorly co-ordinated corporate governance, risk management and compliance (GRC) procedures are costing the UK economy an estimated £1.5bn each year, according to new research by GRC specialist su53 Solutions.

The data, gleaned from 200 UK-based CIOs, showed that enterprises are losing about 510 days of productivity due to ineffective GRC controls.

"Ever since directives such as Basel II and Sarbanes-Oxley came into force, businesses have been working hard to eliminate incidents of risk, such as corporate malpractice that impact company reputation," said Martyn Proctor, managing director at su53.

"Companies have a tendency to respond to any GRC issue that comes up with an emergency reaction. This results in lots of separate projects to manage and is ultimately inefficient," he added.

"Firms need to have a strategic view of what matters to your business and not get bogged down with security and controls. This needs to be managed from the top down."

More worryingly, CIOs also indicated that employees in their organisation would turn a blind eye to GRC controls if following them meant a loss in productivity. For instance, in 69 per cent of enterprises, workers admitted temporarily giving their log-in details to a colleague without approval from IT.