Is ignorance risking business?
By Steve Ranger
Published: 4 May 2005 16:15 GMT
Nearly half of IT executives claim they aren't fully aware of the standards and legal requirements that apply to them.
In a survey of 300 IT decision-makers conducted by the National Computing Centre (NCC), 44 per cent admitted to not being fully aware of IT standards and legal requirements - and 22 per cent admitted to not having any awareness of the issue at all.
Sarbanes-Oxley Act and Financial Services Authority regulations, as well as legislation such as the Data Protection Act, can all have a bearing on the IT department. Other standards such as BS7799 and the e-government interoperability framework can also apply.
Stefan Foster, managing director of NCC, said: "This is an alarming figure, indicating significant lapses in compliance and poor adoption of best practice."
He said that while IT executives might be aware of legislation they might not realise its implications for them. "It's a question of the connection," he said.
"The legal side of the business might pick up on data protection but does the IT department implement it in the same way," he added.
This lack of awareness could have a real impact on business he warned: "Larger corporates will also insist on compliance to standards so as to minimise risk in their supply chains, so non-complying IT functions beware… you could affect the fundamentals of your business."
Clive Davies, IT and outsourcing partner at law firm Olswang, said IT chiefs have a "pivotal" role to play in making sure companies comply with regulation.
IT directors should be involved with the creation and implementation of compliance policy, he said. "It's not primarily down to the IT manager but they have an important role to play."
People don't know because it does not matter - for...
Aden Brill
The world used to rely on common sense laws. Most ...
Ken Thompson
Why worry
It will take 30 years for case law to r...
Roger Huffadine
Good for Lawyers: Bad for Business.
The craze ...
Richard
As the data protection registrar doesn't worry abo...
james Button
The purpose of the role is to develop strategy, policy and guidance to promote and develop 'best practice' as defined by the Information Governance ...
Helping to develop and maintain procedures to ensure Data Protection legislation is complied with. Our client, a highly successful retailer with an ...
Data savvy data protection and email executive Location: London Salary: 25000.00 - 350000.00 Company: Premier Group Recruitment Job type: Permanent ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Dell PowerVault DL2100 Powered by CommVault - Spec Sheet
Data Protection Strategies: Deduplication for More Efficient Backups
True Convergence Demands a Communication Service Provider that Embraces a Customer-Centric...
Learn how Performance Metrics for Telcomm Expense Management Drive new ROIs and SLAs
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Mark Crichard Doing business with citizen developers: Beware the legal pitfalls Legal Eye: Make sure your business is protected from potential hazards
Tim Ferguson How CIOs can achieve post-recession success Q&A: McKinsey & Company on living in the 'new normal' business world