Research carried out by the IT Governance Institute has shown that companies adhering to the conditions of the Sarbanes-Oxley Act do not suffer any serious IT security problems.
The two main IT-related problems facing companies today are operational incidents and staffing issues, according to a study commissioned by the IT Governance Institute (ITGI).
Interestingly, IT security and compliance with regulations were identified as the least important problems, which the study attributes to greater efforts being made to comply with regulations such as the Sarbanes-Oxley Act (SOX).
The survey was based on 695 interviews with chief executives and chief information officers in 22 countries. It found several signs of improvement since 2003. The inclusion of IT on boards' agendas has risen, for example, and 63% regularly or always include IT, compared to 58% in 2003.
A total of 57% of the respondents stated that IT played a very important role in the delivery of corporate strategy; in 2003 that figure was 52%. However, only 24% of chief executives are responsible for IT governance, which suggests that top management is still ignoring a very important function.
“The most important result highlighted by the study is the respondents' sensible attitude towards IT security problems. That fact demonstrates just how important the SOX regulations are in practice. Meeting the requirements of SOX has meant that businesses now have much greater internal controls in place in the corporate environment. Those companies that still haven't complied with SOX should seriously think about doing so in the near future," believes Denis Zenkin, marketing director at InfoWatch.
Source: vnunet.com
