According to CIO Magazine, concern over compliance has moved up, from 8th to 6th in the list of top ten concerns for CIO’s. Clearly, many companies are bound by regulatory compliance. For some companies, regulatory compliance is now weaved into the fabric of their organisation. Other companies are confusing security with compliance. This is understandable since many governance and compliance regulations were spawned from risk management and therefore directly affect security.
CIO Magazine suggests that this focus on compliance has allowed the CIO to understand exactly what resources and processes an organisation has in place. They then go on to suggest that this leads to increased efficiency and throughput.
I find it remarkable, given this increased awareness and focus on governance, risk and compliance that companies, in increasing numbers, are not yet turning to BPM technology to provide a framework for their GRC processes. If they did, they would have an unprecedented view into the current state of their business and they would be building a platform for continual improvement.