Sunday, March 27, 2005
Add It Up: Compliance Doesn't Come Cheap
Of all the regulations companies face--from the USA Patriot Act to the Health Insurance Portability and Accountability Act--Sarbanes-Oxley is consuming the most effort. This year, spending to comply with Sarbanes-Oxley will reach $6.1 billion, according to AMR Research. And 60% of 223 business and IT executives surveyed by the research company have Sarbanes-Oxley compliance efforts under way.
Personnel tops the list of Sarbanes-Oxley-related costs at $2.6 billion. Much of that is being spent on consultants and external auditing firms. Technology and services account for $1.7 billion each. Companies will spend about $1 million on compliance-related efforts for every $1 billion in revenue.
The compliance situation is complicated by the fact that regulators have little to say about how companies should go about implementing the security controls required by Sarbanes-Oxley. "Most organizations are baffled," says Paul Proctor, a Meta Group analyst.
See full Article.