'Compliance' Apps: Real Solutions or Oversold Tools? Page 2
Roadmap to Compliance
What needs to be done (preferably before any software is purchased), Moran recommends, is a thorough assessment of your company's financial infrastructure from an IT perspective. At one time, Oracle, for example, was running 90 accounting applications in 120 different countries. Today, the company fields just one.
"The [compliance] applications can't help you if two-thirds of your world is run off of spreadsheets," agrees John Parkinson, Cap Gemini Ernst & Young's chief technologist for the Americas.
Basically, there are five stages to get to compliance, according to Moran: documentation, analysis of risk, placement of controls, monitoring those controls, and reporting. "And that's all assuming you've got a business model you can actually summarize like that," he adds.
Compliance applications can help you with most of these challenges or just one, depending on the solution. But this is an ideal-world scenario, Moran says. In between each of these stages are most likely layers of business processes on top of layers of business processes — and that's where things can get tricky.
"People are realizing that this is a more a services-, business-orientated process problem," says Mogull. "There's not a magic-bullet technology solution."
Feature courtesy of the CIO Information Network.
Back to Enterprise Storage Forum