IT Professionals Lack Confidence in Managing Governance, Risk and Compliance in Industries: Report

By CIOReview | Monday, August 18, 2014
853
1376
298

FREMONT, CA: Dell’s survey highlights that IT professionals lack confidence in their ability to address and manage governance, risk, and compliance (GRC). One of the challenges faced by them is to maintain environments held to standards by external regulatory control, while having to meet internal policies and best practices set forth by the organization itself.

The survey covered over 200 technology professionals responsible for maintenance compliance at companies with over 2,000 employees in various industry sectors such as healthcare, retail and finance. The survey was conducted by Dimensional Research commissioned by Dell Software.

83 percent of respondents believe stronger interaction between security and compliance teams would increase organization’s security. 59 percent respondents said they have limited manpower to meet GRC objectives while 49 percent of them cited the increasing growth in data as a concern. Less than 50 percent of them said employees adding new data sources to the environment for compliance and security take time to inform the security and compliance teams about the new data.

93 percent of respondents acknowledged that they are concerned about their ability to prevent unauthorized changes. 22 percent are concerned about unauthorized internal access by employees or consultants. 61 percent of them are concerned about both internal and external unauthorized access.

Less than 50 percent of respondents proactively review, add or remove data sources that are no longer required.  Less than 50 percent of respondents have a consistent process in place for adding regulatory data sources. 11 percent of respondents said they are very confident of determining the root cause of an incident or data breach by capturing all the data necessary to detect and investigate.