In 25% of German companies between 11 and 30% of the work time is spent on fulfilling legal requirements. This particularly affects IT departments given that almost all of these so-called compliane regulations can only be met through the support of the IT department, irrespective of which department in a company is originally concerned by these regulations.
58% of all IT managers in German companies even think that the time spent on such compliance regulations will only grow due to always more laws, guidelines and voluntary codexes. Just 2% believe that the amount of time needed to deal with such regulations will decrease. This is the finding of a joint study called “IT budget 2008” by the Information Week magazine and Steria Mummert Consulting.
Worldwide there are more than 10.000 compliance regulations on things such as record retention periods, data protection and risk managment. And the amount of time needed to fulfill these is going to increase. Thus, the EuroSOX directive which took effect on July 1st is certainly going to require additional work in order to be implemented.
Among the top five among the most important driving forces behind new IT projects is the Federal Data Protection Act. It affects virtually all business units such as for example electronic order data processing. 78% of all IT managers interviewed therefore consider legal requirements to be a decisive reason for future IT investments in their respective companies.
“However, companies should not only perceive compliance regulations as an obligation but also as an opportunity”, says Wolfgang Nickel from Steria Mummert Consulting. “On the one hand these regulations provide the initial impulse for IT projects which are important to businesses anyway and have so far not been tackled such as for example an improved IT security. On the other hand, these often result in process optimization.” This leads to improved processes and the adaptation of data structures to current requirements, says Mr. Nickel.