Poor old Bernie Ebbers will certainly go down in history as th man who, as the boss of Worldcom, taught the world that the spirit of entrepreneurial gusto can be taken too far. It is also possible that he will go down in history as the man who fathered the regulations and processes that brought business and industry to a grinding halt.
How? Well, one of the results of the Worldcom and Enron scandals has been for governments and regulatory bodies around the world to realise that they `ought to do something' if the more outlandish aspects of cavalier Mammonists were to be reined in. So it was that much of business has become subject to new laws and regulations, such as Sarbanes-Oxley and Basel II. Company directors now have to meet, and be able to prove that they have met, the terms and conditions of an ever-increasing set of rules. And with the serious penalty of possible imprisonment as an alternative to compliance, compliance to the rules seems increasingly sensible.
But with so many rules, ensuring compliance can become a full time job for whole departments within a company. And with IT systems residing at the heart of so many business processes these days, that puts a high level of scrutiny onto the technology. For example, there isn't a system administrator anywhere in the world who hasn't, at some ungodly hour of a dark and dank morning, resorted to a little bit of hand-crafting of some application code in order to get a process running properly so a job can be completed. Till now that would have been considered sensible and, so long as the change was logged and added to the list of bits and bobs to be included in the next update of the application, nothing was actually wrong.
Now, of course, it is wrong. If that application is part of an approved process then any change will break the compliance and and just about anybody in the company could be banged up as a result. It is traditional to say that upwards of 80% of IT costs are spent on maintaining existing applications and systems. Well, it would be no surprise if ensuring that all applications - and different versions of the same application - maintain compliance grew to to a similar amount of resource commitment...........oops, that means 160% of the IT budget. If companies are not careful, they will be spending all their IT budget - and all their manpower resources, simply trying to ensure that compliance to regulations and law is maintained so that the directors don't go to jail.
There is an answer, of course, and I expect it to become one of the next big markets. Indeed, I expect it to be one of the primary levers in getting enterprises to move to cutting deals with some of the biggest vendors of infrastructure management tools, such as HP and IBM. This will be the growth of Compliance Management tools.
HP has been one of the first out of the gate in this area, having used its ENSA@Work conference and exhibition in Copenhagen (back in June) to announce the coming of just such a module as an add on to its OpenView systems and infrastructure management suite. It is far to early to give any idea of its efficacy in practice, but the idea does seem very sound. Compliance is, if nothing else, about orthodoxy and standard patterns of operation - and this has to mean it is possible to automate much of it within an infrastructure management system that has operational control over the hardware, the systems software and the applications.
Expect to see some specialist start ups in this area coming along, and expect to see any that are half sensible snapped up by the likes of Microsoft, SAP and Oracle - they will need acquisitions if they are to play in this space and be credible at offering future business management environments.
Like all `good things' therefore, there is a hidden drawback to compliance - a potential brake on any company's business activities and ability to innovate. It may be ironic that one of the key reasons for having IT in business (at least if the vendors' hype is to be believed) - the ability to adapt to changing market or business needs very quickly - may be brought to a grinding halt by the even more pressing need to be seen to be doing everything right and have any audit prove it to be so.
So compliance management has the potential to be a simply huge market and one in which, by its very nature, only the biggest vendors will get to play effectively.