The IT Policy Compliance Group (IT PCG) has published its annual report on IT Governance, Risk and Compliance. The 2008 Report, which can only be downloaded by members, looks at research conducted with more than 2600 organizations.
According to the published brief, security and compliance spending can lead to higher profits, lower expenses and improved customer satisfaction. Although many companies dread spending on compliance and security, even with the risks associated with cost-cutting methodologies, the report indicates that companies that move up the IT governance, risk and compliance (IT GRC) maturity scale are seeing a high return on their efforts.
IT GRC encompasses practices to deliver greater business value from IT strategy, investment and alignment, as well as mitigating risk and conforming to compliance mandates. The data shows that IT GRC mature companies enjoy higher revenues and profits while spending less on regulatory compliance. These best practices also lead to reduced risk if a data loss were to occur: 0.4% of revenue in mature organizations versus 9.6% for less mature companies.
Those companies considered most mature were not necessarily large businesses, but businesses that have effectively adapted security process frameworks to their businesses. Less-mature companies tend to over-focus on operational process frameworks.
You can continue reading about this report at Network World, where there's a great overview.