The steady stream of headlines uncovering erroneous financial information and questionable accounting practices from organizations around the globe is significantly impacting today's IT community. As more and more organizations come under closer scrutiny by the Federal government and shareholders alike, enhanced or new regulations and processes are set in motion. In fact, many mandates are either now in place or scheduled to take effect in the next 12-15 months.

Organizations are subject to not only industry-specific mandates such as Basel II, focused on improved risk management in banks, or the Healthcare Insurance Portability and Accounting Act (HIPAA) for the healthcare industry -- but cross-industry regulations like Sarbanes-Oxley or the International Accounting Standards (IAS) in Europe. These are just a few examples.

Today there are more than 120 compliance regulations with Sarbanes-Oxley, Basel II, SEC, and HIPAA leading the charge and requiring significant understanding by IT staff on the impact of risk and compliance on the organization.

It should come as no surprise that compliance has led to an increased focus on improving and managing business processes and assets within organizations today. In addition to improving financial accounting, creation of research, credit risk or privacy management, information must also be archived and retained effectively. The bottom line is that as companies look to expand their competitive advantage and transform business processes into the on-demand world, risk and compliance is a constant that must be managed and considered. Companies need to build a technology foundation that includes an effective risk and compliance strategy.

Compliance drives IT spending
It should also come as no surprise that along with these new regulations comes more than enough software tools and vendors vying for compliance-related budget dollars. The IT staff and corporate officers are now faced with almost too many options without the luxury of time of evaluating which solution best addresses their organization's and clients' needs.

Underscoring this challenge is the fact that a quick Google search on 'Sarbanes-Oxley compliance software and training' yields nearly 40,000 results.

While certain regulations such as OSHA (the Occupational Safety and Health Act) and EEOC (Equal Employment Opportunity Commission) have been a long-standing requirement for many industries, the front-page headlines have ignited new regulations that ushered in a new wave for compliance-related IT spending.