Although the majority of chief executives confirm they've been paying more attention to compliance issues over the past six years, less than half of IT executives consider compliance a critical initiative with full management support. This is just one of many findings pointing to big disconnects in "CEE the Future: Building the Compliance-Enabled Enterprise," a study conducted by the Business Performance Management Forum, the IT Compliance Institute and Chief Executive Magazine, and sponsored by AXS-One.
Compliance demands around regulations such as the Sarbanes-Oxley Act have become a top management priority, but many firms are still a long way from developing the IT infrastructure, policies and processes needed to align with compliance objectives. As a result, these companies remain unprepared for a lawsuit, audit or regulatory request.
The study reveals a number of potential weaknesses within corporate technologies and processes:
• Close to half (47 percent) of senior executives are concerned that their companies' failure to effectively archive and manage all electronic content represents a critical liability.
n Only 40 percent of respondents feel their company is effectively enforcing the electronic records management policies in place.
• More than a third (35 percent) of respondents are in the dark as to how much of their IT budget is tied to compliance-related technologies.
• A third of respondents have no corporate policy covering electronic records management.
• Although lawsuits represent a constant threat, more than a third of respondents (36 percent) say their company has no technology or policies in place to manage a legal discovery order involving electronic records.
• Forty-one percent of the respondents say it would take several days to a week or more to retrieve e-mail messages related to a particular transaction. --Penny Crosman