Save or Share this Report

For Security & Risk Professionals

Compliance Optimization: Defining The Right Level Of Control

February 1, 2007


Why Read This Report

In a scramble to be "compliant," firms have implemented controls with little thought to their impact on the business. In the rush to fill out checklists from regulators or auditors, compliance teams forget that control selection and management is a risk-based process. Thus, businesses end up either under-controlled — which leads to exposure to litigators and regulators — or over-controlled, which means overburdened business processes and ballooning costs. And compliance reporting and dashboards don't help; in fact, they can exacerbate the problem by giving your firm the false impression that the controls are working, when in reality they're preventing business from getting done. To avoid this disconnect, align control selection and management with risk management practices and your company's overall appetite for and tolerance of risk.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($499 USD).