Banking

CIO Jury: Are high compliance costs worth it?

IT chiefs see long-term benefits despite short-term headache
The high IT cost of compliance projects has proved worth it for the wider business benefits such projects have brought, according to UK CIOs.

The raft of regulations such as Basel II, International Accounting Standards (IAS) and Sarbanes-Oxley (SOX), introduced to prevent another Enron, have been a heavy drain on IT departments both in terms of time and budget.

Earlier this month industrial gases multinational BOC admitted that SOX compliance alone would cost £20m more than expected over the next two years.

But 10 IT chiefs on silicon.com's CIO Jury user panel said the investment has produced benefits beyond simply meeting regulatory targets and deadlines. Just two said it hadn't.

Some cited improvements in business processes as a result of compliance work as an immediate benefit.

Vincent Chatard, IT director at ING Direct, said: "We used SOX and similar initiatives to drive improvement in our overall security and processes."

Others expect to see benefits but only in the long term and John Odell, group IT director at the BBA Group, said cost reductions and improved products are likely to result from better IT governance on projects.

Gavin Whatrup, IT director at advertising agency Delaney Lund Knox Warren & Partners, said the business will benefit in the long-term as corporate customers increasingly demand proof that a supplier is a law-abiding operation.

"Compliance at first seems like a necessary evil but the long-term benefits will eventually manifest themselves," he said.

Some of those benefits have come at a cost for others, however. Peter Pedersen, CTO at Blue Square, said: "Compliance has to be achieved within existing budgets. Thus it is at the expense of other things."

But Steve Ritchie, CIO, Investcorp, said: "At this stage it's more about the potential cost of not being compliant rather than the benefits of being compliant."

Today's CIO Jury was...

Vincent Chatard, IT director, ING Direct
James Findlay, head of ICT, Maritime and Coastguard Agency
John Keeling, director of computer services, John Lewis Partnership
Christopher Linfoot, IT director, LDV Vans
Dharmesh Mistry, CTO, Edge IPK
Steve Noyes, head of IT, The Met Office
John Odell, group IT director, BBA Group
Peter Pedersen, CTO, Blue Square
Chris Robinson, CIO, Staffordshire County Council
Peter Ryder, head of ICT, Preston City Council
Steve Ritchie, CIO, Investcorp
Gavin Whatrup, IT director, Delaney Lund Knox Warren & Partners

If you are a CIO, IT director or equivalent at a large or small company in the private or public sector and you want to be part of silicon.com's CIO Jury pool, or you know an IT chief who should be, then drop us a line at editorial@silicon.com

0 comments

Editor's Picks