From IT Compliance Cost to IT Governance Benefits: An Italian Business Case
IT compliance is one of the main challenges for Information Systems, not only because it is difficult to implement compliant applications, but because it requires very high investments and expenditures. Companies involved by IT compliance can pursue two different behaviours: the Compliance view considers IT compliance merely like a duty to accomplish with, and related cost as a necessary expenditure. The Governance view on the contrary considers IT compliance rules like an opportunity to improve administrative processes and information quality, and related cost like an investment able to create satisfactory returns.
In this paper, these two views are described, especially focusing on Governance view and benefits deriving from its implementation in companies. A business case is also examined, describing the implementation of IT compliance applying the Governance view in a large and global Italian group.
KeywordsCorporate Governance Business Process Financial Disclosure Compliance Program Compliance Rule
Unable to display preview. Download preview PDF.
- 2.Cantino V (2007) Corporate governance, misurazione della performance e compliance del sistema di controllo interno. Giuffè, MilanoGoogle Scholar
- 3.Broadbent M (2005) Why governance matters. CIO Insight IIGoogle Scholar
- 4.Dameri RP, Privitera S (2009) IT governance. Franco Angeli, MilanoGoogle Scholar
- 5.Dameri RP (2009) Le determinanti dell’IT governance e la creazione di valore, impresaprogetto no 1. www.impresaprogetto.it
- 6.Gartner (2006) Understanding the cost of compliance, JulyGoogle Scholar
- 7.Botosan C (2000) Evidence that greater disclosure lowers the cost of equity capital. J Appl Corp Finance 12(4)Google Scholar
- 8.Weill P, Ross M (2004) IT governance. How top performers manage IT decision rights for superior results. Harvard Business School Press, BostonGoogle Scholar
- 9.Dameri RP (2008) Governance, risk and compliance management suite. A software selection for implementing an integrated compliance framework in listed companies, Genova, 2nd April 2008Google Scholar
- 10.ITGI (2004) IT control objectives for Sarbanes-Oxley. www.itgi.org
- 11.Dameri RP, Garelli R (2006) IT governance in international business group. In Proceedings of the 13th European conference on information technology evaluation, Università di Genova, Genova, Italy, 28–29 September 2006Google Scholar