Compliance costly

Keeping pace with ever-more-stringent federal regulations has rocketed to the upper reaches of network executives’ concerns, according to the 10th annual Network World 500 survey.

About 60% of respondents said ensuring compliance with regulations over the next 12 months is “extremely important,” while only 2% said the issue isn’t important at all. This was the first year this issue was raised in the survey, which was conducted jointly by Network World and Research Concepts and polled 500 network IT executives.

Nearly half of the respondents said they will upgrade their applications or purchase new applications this year to ensure compliance with regulations, including the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act. IT executives also are examining data-handling processes and information storage to be sure their operations are up to snuff because such laws can be particular about how corporate information is to be handled and kept.

Also: The Network World 500 Survey: How We Did It

Although not all of these regulations are new, some have deadlines for this year with compliance orders that affect IT departments. For example, Sarbanes-Oxley, the legislation that emerged from corporate accounting scandals of 2002 to dictate how public companies store, report and share financial information, includes a section that will go into effect this year that requires internal processes and controls to be properly documented and audited.

“I think the reason many IT departments feel under pressure is because of Sarbanes-Oxley – it’s producing a lot of angst and a new burden, and new spending too,” says Stewart Baker, a partner at law firm Steptoe & Johnson. “A lot of hard decisions might have to be made; companies might have to wall off their financial systems from other parts of the network, and that will require architectural changes or further expenditures.”

On the bright side, the survey showed that purse strings seem to be loosening – more than half of the respondents said they will spend more on technology this year than last. Less than 40% gave the same answer last year.

Technology support manager Donald Murphy’s outlook on IT spending at Corestaff Support Services, a staffing company, has changed from “cautiously optimistic” in February to “optimistic” when asked last week. “The issues we’re dealing with now are . . . positive problems, things like growth, as we try to go from purely maintenance to implementation,” he says. “We’re not hauling wheelbarrows of cash around, but everybody feels good about” the department’s budget.

Accompanying the intent to increase spending is the perception that IT buyers can get more for their money than they have in the past, because of technological advancements – such as greater processing power – and increased vendor competition. Of those asked, 83% agreed that this year’s dollar buys more technology than last year’s, and about 60% said they are motivated to spend by the deals that vendors are offering in certain areas.

This year’s survey shows that in addition to preparing for regulatory compliance, IT executives’ spending will focus on enterprise applications, security and handheld devices. All respondents said they will spend on enterprise applications and security in the next 12 months, while half said they will purchase new handheld devices.

Reasons for buying enterprise applications include compliance with regulations and boosting productivity to improve bottom lines. Knowledge management applications and portal software; and ERP and salesforce automation applications will be the most common purchases, the survey showed. Slightly more than half of the respondents said they manage their enterprise applications in-house, one-third said they outsource the management of some of their software, and 8% said all of their application management is outsourced.

As IT managers have become the primary keepers of many organizations’ security, the task has become more complicated and expensive. Intrusion-detection systems and anti-spam software top buying lists for the coming 12 months. The survey shows companies prefer to have security audits performed by third-party service providers and that the biggest perceived threat to an organization’s security comes from within the company.

Among those companies planning to equip their workers with handheld devices, PDAs will be the most common device purchased, followed by digital phones and e-mail pagers.

Complete results will be available June 14 here.