With a raft of legislation relating to corporate governance being implemented both internationally and at country level, appropriate and effective management of information within organisations is critical. This wave of regulations requires organisations to deal with information effectively - from creation, through storage, retrieval and analysis to eventual destruction. Accurate accessible information is key to organisations' operational processes, and rapid retrieval and analysis is a basic requirement for organisational agility to respond to business demands. Many regard compliance as a cost centre, but compliance legislation and regulation for the most part is just the codification of best business practices. Butler Group argues that compliance is about running a better business, and those that do it well will gain significant competitive advantage.
The Butler Group report on Solutions for Compliance makes the following points and recommendations:
* Organisations at all levels, will be forced to put in place an effective regime for compliance with information legislation, or risk the serious consequences that will ensue from failing to meet these obligations. The effective use of IT solutions will provide the means to gaining a better understanding of how a business operates through documenting of, and adherence to, effective processes.
* To achieve a high level of compliance, an organisation must undertake an analysis of its processes and acquire a thorough understanding of how they work. Compliance requires the monitoring of those processes to measure the effectiveness of a business as a whole. The only person within an organisation who can have the holistic view, and responsibility for management of information is the chief information officer (CIO) or chief technology officer (CTO). It is Butler Group's opinion that for any compliance initiative to be successfully achieved it must be driven by the CIO/CTO.
* Butler Group believes that the CIO/CTO should recognise compliance as a major opportunity to drive organisational change and improvement. The CIO/CTO must examine the relevant regulations and how they fit with the organisation's business objectives. A framework of requirements should then be developed from which plans for compliance can be implemented on an incremental basis.
* Cultural change will be crucial; compliance solutions will not work otherwise. CIO/CTOs must work closely with business and HR managers to ensure that any imposed compliance solutions do not heavily interfere with working practices, otherwise they will be ignored or 'worked around', placing the organisation at further risk.