Mike Rasmussen of Corporate Integrity has been busy. He’s in the right business – in the current climate, regulation and compliance are climbing right up the agenda and there will, I’m sure, be many extra demands on IT to provide visibility of data and respond to new regulatory demands.
If you read this in time, Mike is hosting a webinar today (Tueday 7th) at 5pm UK time. He’s done a lot of work on a new structured analysis of the global regulatory and compliance (GRC) arena to identify the issues, and, he says, to define 13 core technology areas that the organization should build into an enterprise architecture for GRC.
Gartner have released a short note (and right at the moment it’s available for free) advising IT organisations to prepare for three scenarios: flat spending, a 20% reduction, and a small increase. But I haven’t seen anyone suggesting that IT should be prepared to increase spending on GRC, either by a budget increase or by diverting resources from other things. Think on!
You might like to look at George Colony’s take on the mess as well. He proposes three general rules:
• Apply a simple rule: “If it doesn’t make sense, it doesn’t make sense.”
• Risk assessment and management programs (perhaps within Sarbanes) should be placed on alert to identify danger points (by which he means: where computer models fail rule one)
• Never be afraid to say Andy Grove’s favorite business word: “No.”
This last one reminds me of a visit I paid a year or two back to London Heathrow’s Terminal 5, which was then one of the UK’s biggest building projects. The biggest message, plastered all over the site and aimed at everyone from plumbers to executives, was “It’s OK to stop the project”. No-one was going to get hammered for saying something was going wrong, or unsafe, or didn’t make sense. Most building projects, our host said, get built one and a half times. They aimed to avoid that cost, and did.
• GRC 2.0 the GRC EcoSystem Mike Rasmussen, Corporate Integrity, 6 Oct 2008
• Hal destroys Wall Street Counterintuitive: George Colony, Forrester CEO, 3 Oct 2008
• U.S. Congress Rescues Banks but Pressure on IT Budgets Looms Gartner, 6 Oct 2008