Released on = August 7, 2007, 9:34 am

Press Release Author = Supremus Group LLC

Industry = Management

Press Release Summary = Research done by the IT Policy Compliance Group reports the
dissimilarities between compliance leaders and laggards and illustrates how
compliance leaders are making compliance pay for them.

Press Release Body = DES MOINES, USA - August 07, 2007: Few days back IT Policy
Compliance Group publicize the availability of its latest benchmark research report
titled "Why Compliance Pays: Reputations and Revenues at Risk." The report clearly
demonstrates 9 in 10 organizations are exposed to financial risk from data lost or
data stolen due to not leveraging compliance and IT governance procedures. It
further reports organizations with the best IT compliance results have the least
business downtime from IT security events. The benchmark research also goes on to
reports that chance of loosing or stealing of data is once every three years or
sooner for compliance laggards, compared to once every 42 years or later for
compliance leaders.

Data management plays a significant role in any organization but if not properly
maintained there is severe chance of data loss or stolen which might impact the
organizations' reputation and financial risk, but same can be reverse by
implementing proper compliance management procedures and control tools. It is
having said that percentage of data loss or data stolen risk value is quite high
than the amount spent on compliance and data protection financial value. The
returns on investment in compliance for larger enterprises starting at 1,000 percent
and improving to 100,000 percent, good compliance pays for itself.

The research shows that successful firms, those with the fewest data losses and
thefts, are driving operational excellence in IT by improving compliance results,
especially in IT general controls and IT security controls and procedures. More
notable, the benchmarks show the least data loss among firms that are monitoring and
measuring controls against objectives consistently, at least once every two weeks.

"An effective IT governance process with concise IT control objectives, along with
the right mix of built-in IT controls, allow businesses to set policies and measure
against those policies in a consistent manner," said Everett C. Johnson, CPA,
International President of ISACA and the IT Governance Institute. "By creating a
measurable and repeatable IT compliance program, businesses are able to adequately
produce data and ensure a high level of compliance."

Based on what is working among organizations with the fewest data losses, the IT
Policy Compliance Group report identifies several practices that can assist
businesses with improving IT compliance results, reduce business downtime, and
reduce data loss and theft. These steps include:
. Implementing more and appropriate IT controls
. Reducing control objectives, making it easier to communicate, measure and report
against
. Establishing higher standards for performance objectives
. Encouraging a culture of operational excellence in IT
. Conducting monitoring, measurement and reporting of controls against objectives at
least once every two weeks
. Allocating more spend to controls automation

In addition to spending larger percentages of the IT budget on IT security controls,
the firms with the fewest undisclosed latent data losses and least number of
compliance deficiencies are reallocating monies away from external contract spend
towards additional funding of equipment and software, specifically targeted at
automating the monitoring and measurement of controls and procedures.

To view the research report, please visit
http://www.compliancehome.com/symantec/compliance.html

ABOUT Compliancehome.com:
www.ComplianceHome.com is the online regulatory compliance portal focused on
delivering the latest news, events, white papers, webinar, audio conference,
seminars, articles, products and vendors, and jobs related to compliance of HIPAA,
SOX, FISMA, GLBA, FFIEC, FDA, Basel II, OSHA and ISO 17799.

We request all professionals to contribute to this site to make it the biggest
compliance library of resources. If you have articles, white papers, conferences,
events, seminars, online training, news, compliance related training or have web
content we should link to, that you believe our visitors would find of interest,
please visit any of our submit pages and submit your information. (We will review
your content before it is included in the site).

CONTRIBUTE TO OUR WEBSITE:
. Add your White papers for free: www.compliancehome.com/submit/whitepaper.html
. Submit Events for free: Training, Conference, Seminar, Webinar, Audio Conference:
www.compliancehome.com/submit/event.html
. Submit Resources: Articles, Archived Webinars & Audio Conferences, Regulation
Overviews and PowerPoint Presentations: www.compliancehome.com/submit/resource.html
. Add Products and Services: www.compliancehome.com/submit/product.html
. Add Press Releases: www.compliancehome.com/submit/pressrelease.html




Web Site = http://compliancehome.com

Contact Details = Supremus Group LLC
4224 Village lane Suite 15
West Des Moines, IA 50266
515-865-4591
www.compliancehome.com
www.training-hipaa.net