Leveraging Compliance and Audit-Focused Tools

By Mitch Christensen  |  Posted 2010-11-05 Print this article Print

Leveraging compliance and audit-focused tools

With this reality, how can IT security teams gain efficiencies that will allow their organizations to put more resources into general threat management? One of the greatest untapped opportunities is to better leverage compliance and audit-focused tools and their accompanying processes for general risk management. Compliance tools and processes consume significant amounts of IT security resources but, perhaps surprisingly, they are rarely leveraged beyond their original scope.

A recent online survey of IT professionals bears this out. When 5,000 IT professionals responsible for compliance and audit responsibilities were asked, "How important is it for you to leverage your compliance and audit solution investments for general risk management and internal security," 84 percent of the respondents said it was either "important" or "very important."

Unfortunately, the reality does not match the aspiration. When these same enterprise professionals were asked, "To what degree are you able to leverage your compliance and audit solution investments for general risk management and internal security," 76 percent answered, "I'm unable to" or "I'm able to but only in a limited way."

Furthermore, when survey participants were asked what was preventing them from achieving this leverage, 59 percent responded that they either "don't have enough staff" or "don't believe this can be done with current technology." A major problem reflected in this last result is that most compliance and audit control activities are labor-intensive, making them impractical to apply on a broad basis.

Mitch Christensen is Chief Technology Officer and Chief Architect at PacketMotion. Mitch has more than 25 years of experience designing and developing groundbreaking technologies that include distributed systems, search engine software and large-scale data storage solutions for government and commercial customers. Before joining PacketMotion, Mitch was the chief architect and lead designer for Informatix where he deployed an innovative search engine, document management system, and next-generation paperless payment processing systems for governmental agencies. Previously, Mitch served as the principal architect at Centegy Corp., where he led the development of the flagship remote integrator business integration server. Mitch also worked as senior architect at The Dialog Corporation where he brought their proprietary search engine technology and massive online content to the Web. In addition, Mitch spent several years doing research and development in the telecommunications industry. Mitch holds a patent for core remote integrator technology. He can be reached at mchristensen@packetmotion.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel