Resources for Gramm Leach Bliley Act (GLBA)

New Unified Compliance Solutions Deliver Clear Security And Cost Advantages For Enterprises

www.bignews.biz

Toronto-based Informatica Research has announced that the vast majority of organizations currently adopting information risk management, security management, privacy fair information practices and business continuity planning are implementing overlapping and redundant controls.

Informatica’s president, Claudiu Popa is an authority on information risk management and sees the issue as a problem directly related to de-centralized IT governance and wrongsourcing: “The security and privacy controls behind many companies’ efforts to comply with standards and legislation are overlapping. We are seeing this only a third of the time now, but this number will grow to 75% or 80% over the next 12 months. We are seeing a lot of wasted effort in up to 90% of cases, multiple initiatives implementing similar controls, mounting costs related to monitoring, testing and remediation. Generally speaking, when executives delegate compliance responsibilities and in-source complex information risk initiatives, you’re going to have a problem”.

Overlapping controls, such as those implemented to support legislative requirements for PCI DSS, GLBA, Sarbanes-Oxley/Bill 198 and diverse privacy requirements can put an unbearable burden on IT and operational resources – in over 60% of cases - to the point where at least one of two situations occurs: productivity and profitability are impacted at the enterprise level or the effectiveness of the company’s security and privacy activities is reduced because such intense effort is not sustainable. Many companies compound the problem by wrongsourcing: outsourcing their core competencies and in-sourcing complex, specialized projects involving information security and privacy compliance.

View the Resource

Share or bookmarklet this web page at: