Software to help CIOs meet governance regulations

CIOs facing a rising bills to meet governance, risk and compliance regulations may be able to control their costs better if they turn to new purpose-built software.

Research analyst Gartner claims the regulatory requirements that directly affect IT operations will double in the next five years.

Gartner said firms that integrate their approach to risk, compliance, standardisation of controls, and automation will cut their manual overhead by 70%. Those that do not integrate their approach will spend ten times more on the IT portion of compliance projects, it said.

IBM, SAP and Accenture are just a few of the firms that hope to capitalise on this analysis. All have introduced new over-arching identity management and provisioning systems to control access to and monitor use of underlying applications and data.

The development comes with a new buzzword, W7 methodology (Who, did What, When, Where, Where from, Where to and on What), which IBM is trying to patent.

The underlying idea is to support auditors’ needs by translating vast amounts of captured security data into a common format that can be easily understood by someone not intimately familiar with all facets of the various areas from which the data have been collected.

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Comment on this article: computer.weekly@rbi.co.uk