The new IBM Tivoli Compliance Insight Manager will help companies track, report and investigate non-compliant behavior across their enterprise. It monitors user behavior in comparison to policies for compliance purposes, automatically providing alerts when information or technology assets are at risk, when data or systems are inappropriately accessed, or if security policies have been violated.
Security audit and compliance management have become a significant burden to IT organizations, as laws and regulations such as Sarbanes-Oxley, Basel II, HIPAA and others can lead businesses to collect information to demonstrate that proper internal controls are being deployed and enforced.
The number of these regulatory requirements that directly affect IT operations is expected to double in the next five years. And, in accordance with this doubling, analyst firm Gartner also predicts that, through 2011, companies pursuing an integrated strategy of a risk-oriented approach to compliance, standardization of controls, and automation will reduce the scope of manual process controls by 70 percent and will get the most collateral business value from their compliance investments.
Additionally, through 2010, companies that select individual solutions for each regulatory challenge they face will spend ten times more on the IT portion of compliance projects than companies that take a proactive and more-integrated approach.