Governments Will Keep IT Departments Busy for a Long Time to Come

The most recent economic downturn has caused a horrific amount of pain, but anyone associated with information technology likely still winces when recalling the post-dot-com, post-Y2K bubble burst of 2001-2002. The entire industry went into a sales slump, with tech companies crashing left and right, along with massive layoffs of IT professionals. 

Things finally started picking up after a couple of years, but what was the spark that got tech back on its feet? A knowledgeable colleague of mine points to one thing, and that was the spate of government regulations and mandates that came down the pike, especially Sarbanes-Oxley (SOX), which required that businesses know exactly where their corporate data was coming from. To meet these draconian requirements, companies started buying new software packages left and right, and rehiring people who could install and integrate the new applications into their operations.

Predictably, the recent financial crisis has created calls for more stringent oversight and accountability within financial service institutions. Compliance only seems to be stepping up, as governments require more information and accountability from enterprises.

This, my friends, is what will help keep insurance industry IT budgets popping for some time to come. Mark McClain, CEO of SailPoint, an identity management solutions provider, agrees on this point, and recently shared some of his observations with me on the state of IT budgets.

“Based on our experience with the top insurance companies in the world, compliance is a primary driver of IT budgets,” he says. Of course, insurance companies are no strangers to stringent regulations, he adds. Think about Sarbanes-Oxley, Payment Card Industry mandates, and the European Union’s Data Protection Directive.

Even a new offspring of SOX is in force, McClain points out. The Model Audit Rule, enacted in 2006 and in effect as of January of this year, “adds even more reporting requirements to public insurance companies and extends SOX-like rules to non-public companies for the first time,” he says. If an insurer is doing business in Europe, “they have until 2012 to meet the new risk management and risk identification requirements of Solvency II.”

McClain sees much of the demand for his company's own products resulting from compliance mandates, and says this is likely to drive a lot of IT purchases across the board. Insurance companies simply don't have the people resources they can commit to handling all the reporting and auditing needed to keep up with all the mandates coming down the pike. There needs to be a way to automate these things, and that's going to be a big part of the work of IT managers and professionals.

“As companies prepare to address more regulatory demands, continuous, automated compliance becomes even more important,” McClain says. “They simply don’t have the resources to address their compliance challenges with manual, time consuming processes.”

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

For reprint and licensing requests for this article, click here.
Security risk Analytics Compliance Policy adminstration Data and information management
MORE FROM DIGITAL INSURANCE