• Deals
  • Property
  • Manufacturing
  • People
  • Lifestyle
  • Viewpoint
  • Archive
Home / Yorkshire / RSM Tenon Column: Balancing Costs and Compliance

RSM Tenon Column: Balancing Costs and Compliance

RSM Tenon Column: Balancing Costs and Compliance
RSM Tenon's Ian Wallace urges business to maintain a good control and compliance regime despite the pressures they face.
News
July 12 2012
|
Write a comment

RSM Tenon
ian wallace rsm
Ian Wallace

 

During difficult times such as those we have experienced recently, it is very easy to forget the need to maintain a good control and compliance regime. The understandable emphasis upon matters such as reducing costs, securing contracts and collecting cash means that other seemingly more ‘routine’ activities can often accidentally take a back seat.

We have always stressed the importance of maintaining a sound controls environment that operates to address the specific business and IT risks faced by organisations. However, we have observed recently that measures taken by some organisations to cope with the recession have had the effect of removing controls from the business. Examples include:

• The removal of managers who have historically been responsible for ensuring compliance with professional standards and legislation;
• Redundancies amongst back office staff which have resulted in the loss of key segregation of duty controls in areas such as payroll, purchasing and accounts;
• Cancellation of planned spending upon IT security projects or infrastructure that will provide additional resilience to protect data;
• Reduced spending on independent checks that would identify possible non-compliance or IT security issues;
• Uncontrolled and unrestricted growth of mobile computing due to reduced expenditure on IT resources which could expose the business to security breaches; and
• Reduced training for staff on how to safeguard data and information.

Another complexity you now have to consider on top of day to day data security concerns is the fact that the compliance landscape is constantly changing. Proposed EU legislation will result in fines of up to 2% of global turnover for organisations that breach data confidentiality. Governance requirements that are specific to certain business sectors change. Recently, following a series of high profile data losses, the Government published data security guidelines – the Security Policy Framework – which they require any organisation handling government information to comply with.

So what does all this mean for you?

In simple terms, it means that you may have to improve or maintain your control environment at a time when the natural tendency may be to do otherwise. The importance of maintaining strong controls should not be under-stated even when times are difficult. If anything, in difficult economic times there should be an increased focus on controls and their effectiveness.

Our advice would be to make sure you continue to give priority to your compliance requirements, be they existing ones or new ones that have arisen as a result of recent changes.

A simple albeit text book approach is to understand your responsibilities, identify your risks, assess the current state of controls and implement a programme to plug the gaps. You should then seek on-going assurance through internal audit, self-assessment or similar compliance means.

Failure to address these concerns could have an adverse material impact upon your business activities, for example the loss of contracts, and a negative public perception, thus placing even more strain on resources and prospects.

When things are difficult, maintaining good compliance practices may not be deemed easy or a priority but it will be beneficial for you in the long run.

For further information please contact Ian Wallace, Director of Risk Management on 07730 300302 or ian.wallace@rsmtenon.com

More articles in
News

Sectors

Comments

If you'd like to leave a comment, please register now for free or login