Survey shows SOX bringing IT, business together

SOX is leaving its mark. And it may be helping IT shed its Rodney Dangerfield complex.

Polling some 300 IT executives from its roster of members, the Society for Information Management (SIM) found that aligning business and IT is the most important issue for CIOs today.

That's hardly a shocker, but what is noteworthy is the impact of the Sarbanes-Oxley Act (SOX).

The deadline for compliance with Section 404 of the law is creeping up on its Nov. 15 deadline, which probably explains why government regulation has crept into the sixth most important concern for CIOs. This is the first time compliance nabbed a notch in SIM's poll.

Dean Lane, SIM member and IT director at Cupertino, Calif.-based Symantec Corp., believes concerns over SOX compliance and business alignment are linked because SOX basically is forcing business to "play nice" with IT.

"Renewed emphasis is coming [on alignment] because of SOX," he said. "The industry is making an error when it foists [compliance] on the organization as if it's a finance thing. IT is being treated as an also-ran even though the processes and procedures and scripts are all in the IT department.

"Alignment is necessary now for people to understand that you can't blame IT for the bad stuff and give credit to business for the good stuff," he said.

Finishing second on the list of concerns was retaining IT professionals, a finding which may show that CIOs feel the need to hang on to their best people and not allow a fear of outsourcing to scare their best workers out the door.

Security and privacy, IT strategic planning, and speed and agility rounded out the top five list of concerns.

Survey respondents also were asked about their IT budgets for 2005 compared to 2004. Forty-three percent said they would spend more in '05, while 33% said their spending would neither increase nor decrease.

Staffing gets the biggest piece of the 2005 budget pie for 39% of respondents. The rest was a pretty even split between software (19%), hardware (17%), and services (17%).

Top techs

As far as technologies and applications go, most CIOs are most interested in the ones related to security, testament to the scourges of spam, spyware, adware and viruses.

Business process management (BPM) was the second most important technology followed by last year's top tech business intelligence (BI). Web services and customer portals rounded out the top five.

Dr. Jerry Luftman of the Stevens Institute of Technology, who conducted the survey for SIM, said that the list shows just how much IT has changed over the last year.

"Four of the top six categories -- security technologies, BPM, customer portals and data synchronization -- were not even in the top 10 last year," Luftman said in a statement. "CIOs and CEOs face more challenges than ever to leverage the rapid changes in information technology that can help them better align IT with the goals of the business."

Lane thinks that the renewed emphasis on alignment with business – as well as the reality of SOX – may help business units realize that IT is more than just a giant calculator for the CFO.

"There's certainly something afoot," he said. "People may be recognize now that the CFO should report to the CIO. Today, there's a new common language spread across the functional departments – it's called "information," and it includes dollars.

"Where does the CFO get his information? From the CIO," Lane said.

Read more on IT risk management