WEDNESDAY, JULY 29 | How Partners Can Help Their Customers Make The Most Of Cloud As The Future Of Work Takes Hold
Organizations Unclear about Major Changes Influenced by Compliance Procedures
STAMFORD, Conn.-Aug. 17, 2004 - C-suite executives are significantly more likely than line-of-business managers (vice presidents, directors, managers, and business staff) to increase outsourced functions as a result Sarbanes-Oxley (SOX) compliance efforts, according to an extensive study of enterprise compliance strategies released by META Group, Inc. (Nasdaq: METG), a leading provider of information technology (IT) research, advisory services, and strategic consulting. Conversely, IT professionals are more likely to believe that compliance will not impact outsourcing decisions.
Entitled Organizational Trends in Sarbanes-Oxley and Regulatory Compliance Issues, the META Group study also found that organizations are confused and disjointed regarding the objectives, necessity, focus, direction, and strategy of compliance initiatives. Most enterprise stakeholders polled do not expect to see major changes to business and IT processes as a result of compliance procedures. According to META Group analysts, these findings suggest that organizations generally lack an understanding of the scope and necessity of required compliance initiatives.
"Companies must address the fundamental confusion surrounding the impact of compliance on the organization," said John Van Decker, vice president with META Group's Enterprise Application Strategies service. "The effects of SOX will be felt across the board, especially within the IT function. Organizations need to understand and prepare for compliance measures that will influence everything from reporting, to auditing, to supply chain management."
META Group analysts point to the expected impact of compliance measures on outsourcing as the study's most telling example of how ill-informed organizations are about the pervasive effects of SOX. Only 55 percent of respondents surveyed believe that compliance measures will change their use of external business or outsourcing services. Of that group, only nine percent characterized the expected changes as "major."
Moreover, survey responses were mixed regarding the nature of the changes expected. Twenty-one percent of those surveyed indicated that they are more likely to outsource functions as a result of compliance with SOX regulations, while a slightly smaller group (19 ercent) expect to outsource less. Seventeen percent of those polled do not expect compliance to have any effect on outsourced work, while a full quarter (25 percent) indicated that they had no way of calculating the impact.
META Group analysts stress the importance of understanding the impact of compliance mandates on outsourcing, given the significant new obstacles posed. "Organizations are just as responsible for ensuring the compliance of outsourced IT systems and processes as they are for those systems maintained internally," said Van Decker,. "This accountability will present a challenge to organizations, since they must assess whether their outsourcers' controls are compliant and adequately documented. Companies cannot do this without first understanding the fundamental impact compliance measures will have on all business processes, particularly outsourcing."
META Group works closely with leading IT organizations to provide actionable recommendations about outsourcing initiatives and SOX compliance. For companies seeking to ensure regulatory compliance among internal and external programs, these recommendations include gaining consensus among auditors, relevant business and IT units, executives, and board members about how to define what constitutes an adequate control assessment for outsourced processes until regulator clarification is provided.
About the Study
META Group executed a market research study of those with knowledge of decisions about the selection and implementation of compliance solutions and services for their organizations. The study is based on a random sample of nearly 300 executive, finance, and IT decision makers and influencers.
About META Group
META Group is a leading provider of information technology research, advisory services, and strategic consulting. Delivering objective and actionable guidance, META Group's experienced analysts and consultants are trusted advisors to IT and business executives around the world. Our unique collaborative models and dedicated customer service help clients be more efficient, effective, and timely in their use of IT to achieve their business goals. Visit www.metagroup.com for more details on our high-value approach.
Jessie Shepherd Markom Marketing +61-2-9977-8922 firstname.lastname@example.org
Peter Carr, Vice President, Director Operations META Group +61-2-9290-8624 email@example.com