Key findings include:
* 45 percent of respondents anticipate no change in 2010 security audit costs
* 8 percent expect a decrease in security audit costs in 2010
* 45 percent experienced increased security audit costs and only 6 percent saw a decrease from 2008 to 2009
* 83 percent of respondents report they are effectively identifying security and compliance issues prior to an audit
"The increasing complexity of regulatory requirements continues to be a key cost driver for many companies' compliance initiatives," said Elizabeth Ireland, Vice President of Strategy for nCircle. "It is interesting to note that, while a significant percentage of companies believe they are identifying security and compliance issues prior to beginning an audit, organizations are not yet realizing the cost savings that can come from process maturity."
Added Ireland: "Unless companies have a strategy that automates the continuous monitoring required for various regulations and can report on it to suit the requirements of a specific audit, the process remains very resource intensive and costly. There is definitely an opportunity for cost reduction here for the majority of organizations."