Compliance Help Often Doesn't

Byte and Switch Insider looks at potential pitfalls of using hired hands to comply with regulations

July 21, 2005

3 Min Read
Network Computing logo

Hiring compliance services is a given for much of corporate America, but success is far from guaranteed.

A lack of standards and possible conflicts of interest hinder the effectiveness of many compliance services, according to the latest Byte and Switch Insider, this sites paid subscription research service.

The report, “Compliance Services: Help or Hindrance?” shows there's no lack of demand for compliance services. AMR Research Inc.forecasts $3.79 billion will be spent on compliance services this year, as organizations battle to comply with the Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA), and myriad other regulations.

Yet not all companies are successful in their compliance projects (see Compliance Services: Get What You Pay For). In the storage networking industry, BakBone Software Inc. (Toronto: BKB), Brocade Communications Systems Inc. (Nasdaq: BRCD), and Veritas Software Corp. (Nasdaq: VRTS) have run into accounting problems in dealing with compliance issues (see BakBone Still Out of Whack, SEC Gets Formal With Brocade, and Veritas Misses 10K Deadline}. At the least, these kinds of problems are embarrassing. At the worst, compliance failures can result in fines, lawsuits, or other penalties.

Despite the proliferation of services, help isn't always easy to get. Most firms don’t cover the full range of requirements, so companies often engage more than one to meet their compliance needs. A lack of standards makes it tough to ensure that outside consultants meet best practices. The report also questions the objectivity of vendors that peddle compliance services as an adjunct to their own products.Even top firms don’t always get it right. The Professional Oversight Board for Accountancy (POBA), a group charged with making sure auditors hired by public companies in the U.K. meet regulatory guidelines, cited shortcomings among “Big Four” firms. Problems included lack of knowledge of regulations and misapplications of technology during compliance audits.

Not all is lost, though. Along with problems to avoid, the report details the benefits that compliance services can provide -- including often overlooked security controls. They also provide help for compliance assessment, risk assessment, policy making, and IT implementation. And standards could be on the way. A Data Governance Council set up by IBM Corp. (NYSE: IBM) with leading financial customers is working on developing standards for compliance, security, and privacy issues.

The report takes a close look at specific service providers, breaking them down according to their areas of expertise. Service providers mentioned in the report include:

— Dave Raffo, Senior Editor, Byte and SwitchCompliance Services: Help or Hindrance? is available as part of an annual subscription (12 monthly issues) to Byte and Switch Insider, priced at $1,350. Individual reports are available for $900.

To subscribe, or for more information, please visit: request a free executive summary of the report, or for details on multi-user licensing options, please contact:

Jeff Claudino
Sales Manager
Insider Research Services
[email protected]

For review copies, members of the media may contact:

Gabriel Brown
Chief Analyst

Insider Research Services
[email protected]

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights