Poor communication between IT departments and finance departments is hampering compliance projects, according to Laurie Stephens, vice-president and head of compliance services at Capgemini.
Stephens said IT and finance directors had different views about the benefits of compliance projects for regulations such as Sarbanes-Oxley.
This has made it more difficult for IT directors to plan projects for compliance with corporate regulations, while IT projects that are not related to compliance have had to be postponed, he added.
"Sometimes the chief financial officer does not see compliance as an opportunity to streamline the business and will expect the IT department to cobble together systems and do much of the donkey work," he said.
Stephens' comments highlight a long-running turf war between IT and finance departments over the control of IT spending and the impact of regulations such as the Freedom of Information Act and Sarbanes-Oxley.
To make compliance projects easier, Stephens suggested organisations should use technology to automate business and, where possible, reduce the number of IT systems to make it easier to find important information.
He said the biggest challenges facing IT directors in compliance projects are dealing with disparate IT systems, often in different regions; demonstrating to regulators that there are controls on access to sensitive information; and documenting various business processes - for instance, invoicing a supplier - in an electronic format.
Business benefits of compliance
Much of the publicity surrounding corporate governance regulations has focused on the penalties companies face for failing to achieve compliance. But according to Laurie Stephens, vice-president and head of compliance services at Capgemini, compliance with regulations can yield a range of benefits for IT departments.
If IT departments take a long- term approach to compliance, the benefits will include a 15% to 30% reduction in operating costs and better quality data, he said.
"For the IT department, the compliance challenge is about bridging the gap with the rest of the business and ensuring regulatory compliance is embedded in the business processes and supporting systems."
Stephens said the benefits to IT departments of a systemic approach to IT can include:
- Improved efficiency for the IT department via the elimination of data silos to provide a "single version of the truth" for key information. This provides more accurate data and better knowledge of the customer and suppliers.
- Improved efficiency for the IT department through standardised, consistent business processes. Ways of working also become more consistent.
- Better value for money from IT suppliers as a result of standardised requirements and procedures.
- Better alignment between the IT department and the rest of the organisation.
- Reduced operational risk as a result of improved risk management processes and procedures.