Survey reveals major weaknesses in enterprise compliance policies

Kroll Ontrack has published the results of a global survey that showed that many companies fail to include data recovery as part of their compliance policies. Despite the fact that 78 percent of respondents believe that data recovery is the most important component of a compliance plan, only 50 percent say it is part of their company's compliance policy.

Regulations such as SOX, HIPAA, PCI, FACTA, etc., make it clear that companies have a responsibility to protect data and make significant attempts to retrieve data that has become compromised or lost. For a company, the consequences of non-compliance can be severe, potentially resulting in financial penalties, reduced stock value, loss of customer confidence and lost sales revenue. With that said, it is surprising that 46 percent of respondents said they were not sure if their company even had a general policy to comply with the applicable regulations.

Furthermore, given the potential consequences, it is even more surprising that nearly half of respondents, 43 percent, said they don't believe their companies test their backup systems to ensure data can be produced if needed.

"While data recovery is becoming increasingly synonymous with disaster recovery plans, this survey reveals that data recovery has not yet been deemed a critical component of all compliance policies," said Jim Reinert, vice president of data recovery and software products for Kroll Ontrack.

www.ontrackdatarecovery.com

•Date: 15th Nov 2007• Region: World •Type: Article •Topic: Operational risk
Rate this article or make a comment - click here