But now that much of the initial hype over compliance legislation has subsided, the key challenge for CIOs is sustaining these compliance efforts, says Wally Curry, chief information officer at Enersource (formerly Mississauga Hydro). Curry says compliance efforts are often derailed because of laborious documentation, inefficient or expensive testing and the difficulty IT and financial departments have in sorting out tasks.
While it’s understood IT has an important role to play in terms of safeguarding the data stored within financial systems, CIOs need to better understand the link between IT and internal control over financial reporting, and business needs to better understand the link between financial reporting and IT, he says.
Curry applies the “common sense rule.”
“Rather than everyone trying to do everything, first map out who will be responsible for what,” he says.
It will be necessary to assess all IT environments that matter (including spreadsheets, not just one managed by the IT department.
Compliance requires significant executive support involving the entire organization, and not just IT, he adds.