subscribe: Daily Newsletter


Automated governance and compliance cut costs and complexity


Whether driven by legislation or a desire for greater productivity,
companies quickly come to the realisation of the ongoing high costs and
complexity of properly designed and executed corporate governance and
compliance systems.

Compliance is not simply an application that is installed and forgotten, it
is a continual process of monitoring and changing business procedures to
meet the requirements of the methodology selected.
"Deciding which governance or compliance methodology to follow is easy,"
says Amir Lubashevsky, director of Magix Integration. "However, its
implementation and maintenance are critical because the entire process will
fail if they are handled inappropriately. To ease the associated human and
financial resource burdens therefore, companies should look at automating
their compliance and corporate governance processes."
While the implementation and maintenance processes will always require some
human interaction, much of it can be automated. Functionality such as
checking the validity of changes made and identifying vulnerabilities in
business processes are perfect for automation. Lubashevsky says that when
selecting a standard methodology with internationally validated processes,
up to 60% of the work can be automated, reducing the company's time and
financial burden.
"If a company is in a position to match its processes to a textbook
methodology, such as COBiT, up to 100% can be automated," he notes. "Of
course, few companies comply to standards to such a degree, since most have
unique processes they need to retain and integrate as a competitive
There are four main benefits to automating compliance and governance
* Speed: Automation speeds processes dramatically as technology allows for
multitasking without the option for human error.
* Accuracy: Humans are error prone, technology will enforce exacting
standards all the time.
* Cost: Automated systems are cheaper and more reliable.
* Single view: Once running, automated systems provide compliance executives
with a single view of vulnerabilities and key performance indicators (KPIs),
and can compare the two to find vulnerabilities in an instant. It is very
difficult to link these two without technology's assistance.
* Ubiquitous: Not only will automated systems control the technical
infrastructure, but they will also monitor human activities and flag
non-compliant actions.
Automating the monitoring and control of business processes has become
crucial in companies where technology seems to grow uncontrollably and
skills are in short supply. Using technology to do repetitive tasks that are
easy to define leaves expensive human resources for more intricate and
value-adding work.