IT Security Compliance - What are the Critical Success Factors

In recent times there has been significant growth in the intensity and complexity of legislation and regulation that relates to corporate governance. The US Sarbanes-Oxley Act has driven those companies that are quoted on the New York Stock Exchange into a detailed re-evaluation of their procedures for managing and reporting audit information.

Similar regulation has been introduced for companies quoted on the London Stock Exchange. The effects of this regulation has not been confined to those organizations directly impacted. Because a business is expected to show due diligence in the management of all of its audit-related information it will need its business partners, particularly those with whom it has network connections, to meet the same stringent requirements.

An IT department has to move forward from the current service delivery focus to an extended due diligence perspective. This means higher costs to sustain audits and evidence collection and to satisfy compliance with standards and regulations.