HP FORUM : Sarbanes-Oxley adds to IT costs

Compliance burdens posed by the Sarbanes-Oxley Act are proving to be costly for many IT departments, according to Gartner Inc. But companies may be better equipped to meet any new federal regulations thanks to the processes they have developed for complying with the law, IT executives said in Orlando last week.

Gartner estimates that the government’s Sarbanes-Oxley mandates have led to an average increase of 3.3 percent in corporate IT costs. The financial reporting law has spurred increased spending in areas such as records management and security, as well as purchases of new tools needed to ensure the accuracy of financial data, the firm says.

At Eaton Corp., a Cleveland-based maker of hydraulic systems, factory automation devices and other industrial products, regulatory compliance issues have boosted IT spending by about 1 percent, or US$3 million, according to CIO Robert Sell.

But Sell, who took part in a panel discussion at Gartner’s Symposium/ITxpo 2005 conference here, added that if new federal regulations emerge, his strategy will be to rely on the same processes that Eaton set up to ensure Sarbanes-Oxley compliance. He now has one office that manages the IT issues associated with the law in addition to intellectual property protection and data privacy. “We are going to leverage the people and resources across those disciplines,” Sell said.

Other IT managers agreed that the corporate response needed for complying with Sarbanes-Oxley is providing organizational, governance and educational frameworks that should help them to deal with compliance in the future.

Gint Dargis, CIO at Richardson Electronics Ltd. in LaFox, Ill., said the maker of radio-frequency and wireless components now has the ability “to scope out the impact to the company” if new mandates materialize.

Moreover, regulations “are coming together — these things are not going apart,” said Jim Magliano, senior information systems director at West Pharmaceutical Services Inc., a Lionville, Pa.-based company that makes components for syringes, IVs and other medical devices. To illustrate his point, Magliano said that many of the requirements posed by Sarbanes-Oxley also apply to health care regulations, such as the Health Insurance Portability and Accountability Act.

The one thing companies can’t do is treat regulatory mandates lightly, warned panel members.

It’s important to ensure that top executives and board members take compliance seriously enough, said Ken Coleman, chairman and CEO of ITM Software Corp., a business management tools vendor in Mountain View, Calif. “This is superimportant. The consequences [of not complying] are significant.”

Sell noted that helping a company meet its regulatory requirements is a task IT managers should willingly step up to. “What a great opportunity — especially for people in IT — to demonstrate some leadership,” he said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now