Uncovering the hidden value in compliance systems
Compliance is imbued with costs--both obvious and hidden--but it can offer some surprising benefits as well. With a little creativity, IT leaders can reap hidden returns from the monitoring and policy enforcement systems deployed for security compliance purposes, writes Ericka Chickowski at Dark Reading.
Data gathered by IT compliance and audit solutions can be used to reduce waste, experts say. This data can reveal systems and software that aren't used much or at all, and they can flag unlicensed use of applications.
Security analytics deployed for compliance, such as firewall management or database monitoring, can also churn up information useful for improving IT controls for operational purposes. It can uncover duplicate rules that hamper network performance or changes to databases that impede database performance. Utility monitoring not only helps correlate security incidents but can identify technical issues during big implementation projects.
Compliance tools collect information that provides insight on outsourcers' performance as well. This data can be used as proof of SLA delivery and efforts to minimize exposure to risk.
The greatest hidden value in compliance programs, perhaps, is the business intelligence that can be applied to process improvement.
- see Ericka Chickowski's article at Dark Reading