Rules Of The Road

Most companies will spend more on IT to comply with regulations than last year, according to a new InformationWeek Research survey. Can they wring any business value from it?

Steven Marlin, Contributor

October 4, 2003

3 Min Read

Among the biggest technical challenges in complying with rule 17a-4 is the need to index unstructured information from E-mails and instant messages, which are essentially globs of text and images interspersed with metadata tags. Conventional keyword-based document-management systems tend to catch extraneous information and return false positives. An analyst sends an E-mail to a colleague about the Ford Explorer he's just purchased, and because his firm tracks the auto industry as part of its business, the E-mail gets picked up and routed to the compliance department.

Another challenge is the sheer volume of data that has to be archived. In order to comply with 17a-4, one large retail bank maintains three years of electronic records, which amounts to 780 terabytes of unstructured information, says Bob Moore, head of Autonomy Corp.'s Aungate division, which makes electronic-monitoring software. The bank also is required to maintain the archive on nonrewritable and nonerasable media, which isn't the cheapest or fastest media available. Conventional indexing methods are useless for a database of that size, Moore says. "Once you start dealing in terabytes, there are all kinds of performance issues, such as the fact that the index itself takes up a huge volume of storage," he says.

Though regulations such as Sarbanes-Oxley require CEOs to sign off on financial results, responsibility for compliance still rests foremost with their top lieutenants. Thirty-nine percent of respondents say the CIO or VP of IT is one of the chief stewards of compliance efforts, while 30% name the CFO. However, it's clear that more people have compliance as part of their jobs --30% say all employees are responsible for compliance.

"The issue has become much more on people's minds beyond those in technology," says Amy Yates, data privacy officer for the human-resources outsourcing and consulting firm Hewitt Associates. And beyond those in any particular industry. The months ahead promise more compliance concerns.

-- With Chris Murphy

Illustration By Craig LaRotonda

Contine to sidebars: Beyond Complying: The Social Security Hot Potato and Watch Out: State Mishmash Can Be Worse Than Federal Law

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights