There has been spirited debate (read the comments in particular) about SOX and SAP's GRC (Governance, Risk and Compliance) in the last couple of days at Thomas Otter's and Dennis Howlett's
The debate to me goes way beyond arcane sections of the law. Every dollar spent on compliance IT - and by some estimates in the last few years it is up to 15% of IT budgets - sucks oxygen that could be used towards innovation. It is frustrating for my firm to save clients on utility spend, only to see that money not go towards innovation but compliance.
Even more bothersome is we may be glamorizing government regulation.
As I commented on Thomas's
"I cannot believe so many of you think government policy has caused the stock market stabilization(or improved investor confidence in the last few years)
Or that SAP which has mostly private sector customers is continuing to push the “compliance is good” agenda.
Here’s Fortune’s take (about perceptions of business versus government) from the same article I quoted (in my post Shambala)
“For all that business has done to rehabilitate itself since, a significant factor has been what government has failed to do. It did not become the hero the public wanted. In the fight against terror, polling shows, just over half of Americans think the Iraq war made the U.S. more vulnerable to terrorism, not less so. Washington scandals - the Jack Abramoff lobbying mess, the Mark Foley sex mess - reminded voters that politicians can be every bit as sleazy as any executive.
One episode did more than any other to turn attitudes around. That was Hurricane Katrina, when government at nearly every level looked utterly incompetent while businesses became the heroes. FedEx delivered 440 tons of relief supplies, mostly at no charge. Wal-Mart meteorologists informed managers that Katrina was headed for New Orleans more than 12 hours before the National Weather Service told the public; the company later hauled millions of dollars of supplies into the worst-hit areas days before FEMA showed up.”
