Hard to believe it’s been 10 years since the days when IT controlled its own destiny (and budget), isn’t it?

Those who were around back then no doubt think of that era fondly. It was a time when CIOs held a place at the executive table and the rest of the business looked to IT to provide them with their next strategic advantage – hang the cost! Those who have come along since then can only imagine what it’s like to have virtually unlimited resources at their disposal and the ability to bring in a new application without first having to write an extensive business case justifying the need for it.

Today, it’s all about optimizing the business. IT is being charged with finding ways to simplify and automate business processes, making them both more reliable and less expensive to operate. It’s a never-ending process, and as time goes on the demands get greater. Yet, while IT has largely been successful to date in helping other parts of the organization save time, money and effort, the same cannot be said for itself.

In other words, while IT has been busy driving business value by eliminating repetitive, manual tasks from the rest of the enterprise, it has allowed its own department to continue to be plagued with them.

Much of IT’s time these days isn’t being spent on searching out new innovations or making recommendations on business process improvements. Instead, depending on who you talk to, anywhere from 70 percent to 90 percent of IT’s time is currently devoted to keeping the business running.

It’s no wonder that IT and the people who run it are no longer viewed as change agents by C-level executives. After all, it’s tough to focus on steering the ship when most of your time is spent plugging leaks and bailing water. Even tougher when the number of resources available have been reduced to the bare minimum required to keep the ship afloat. With little time to spend on innovation, IT can actually become an obstacle to it in the eyes of business leaders.

To get out from under that situation, what IT needs now is to bring the same type of task automation it has installed throughout the rest of the enterprise into its own area. But how can that happen when funding is already being stretched so thin?

The answer lies in an unlikely place – the enterprise’s governance, risk and compliance efforts. Whether it is being mandated by law (as with public companies) or being demanded by management (as with private companies that want to protect themselves from financial and legal harm), GRC has become a high priority in many small, medium and large enterprises.

The reason the GRC effort seems an unlikely place to drive efficiency is that traditionally it has been a major contributor to the raft of manual tasks IT is asked to perform. Tracking accountability and segregation of duties, reporting on the results and preparing for audits normally require a great deal of manual effort. While products available since the introduction of Sarbanes-Oxley could automate pieces of this process, they were too cumbersome and expensive to be of much use to most enterprises. And, getting them approved by the C-suite took an effort just short of an act of Congress.

Today, however, a GRC approach that includes automation is changing this situation. The approach’s ease of use and low cost of entry are making it possible for IT to start automating repetitive tasks (such as transports, user security provisioning and batch management). It also changes the way actions are tracked, to the point where the act of performing a particular task automatically creates the record that it has been performed rather than having to log it separately.

While this is good for confirming segregation of duties and to show that the enterprise is complying with the law and/or best practices, it is also having another effect: helping IT to do more with less, thereby making more time available for higher-value contributions to the enterprise.

Freed from the burden of unending maintenance, IT can take the time to sit down with business leaders (or business unit leaders) and ask them about their needs, their goals and where they want to take the business. IT will also have time to research various technologies and bring back recommendations aligned with those business goals. IT will be able to make those recommendations without fearing that it can’t deliver the benefits when the business wants them, because the time and resources that used to be spent just keeping things running will now be available for more strategic initiatives.

With a reduced maintenance burden, CIOs and other IT leaders will have more time to take a step back in order to look for ways to improve the business rather than constantly being stuck in the weeds. The auditing and controls required for GRC are just as effective for identifying bottlenecks in data flow as areas where improvements in business processes can be made. Armed with this information, IT can show management new strategies that will make the business more competitive by lowering costs, eliminating barriers to success and reducing mistakes.

In short, IT will be able to look at the business from another point of view and provide a unique perspective that may be missing from the current executive mix. Rather than being viewed as a cost center, IT will once again be seen as a vital contributor toward the success of the business.

None of this happens, of course, until IT drinks its own Kool-Aid of efficiency through automation. That’s where the banner of GRC can help.

Presenting automated GRC software as a means to improve compliance can help sell it. IT can then take advantage of its capabilities to reduce maintenance requirements and start earning a place at the table again – but this time by replacing vague promises with tangible added value. When that happens, everybody wins.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access