UK firms facing eDisclosure time bomb
UK firms facing eDisclosure time bomb
May 22, 2009:A survey of CIOs and IT directors at 150 UK organisations with more than 1,000 employees last year found an increase in eDisclosure requests. IT directors cited fraud and illegal financial activities as the main contributing factor, with the growth in electronic communication coming a close second.
The survey was initiated by Recommind, which claims that more than two thirds of UK organisations dedicate less than five percent of their IT budget (with nine out of ten dedicating less than ten percent) to provisioning and preparing for eDisclosure. Similarly, IT directors still do not fully grasp the need to prepare for these eventualities, rating it as their lowest priority below information security, email archiving and rolling out productivity-related tools.
According to Recommind, this oversight could leave businesses highly vulnerable to information risk and the associated consequences including breach of compliance, embarrassing headlines and loss of stakeholder confidence.
“The problem is that eDisclosure is still seen as an American problem and for many UK companies, this is all the excuse they need to sweep it under the table,” said Simon Price, European director at Recommind.
“However, this is a problem facing UK businesses and if the upwards trend continues, before long we’ll see firms over here subject to same level of scrutiny as their US counterparts. And, with far ranging consequences – including hefty financial penalties, and potentially worse, reputational loss – businesses will need to place the same emphasis on preparing for any disclosure demands, as they do on IT security or anything else.”
According to the research, IT departments hold ultimate decision making and budget responsibility for eDisclosure at half of all companies surveyed. The legal department made the final decision at a quarter of businesses, but held the budget at just 14 percent of firms.
“With eDisclosure a relatively new phenomenon for many UK companies, most businesses still don’t fully understand its importance,” continued Price. “There’s a danger that the IT team won’t necessarily recognise and fully comprehend which information should be preserved and disclosed, and which can be discarded.
"Similarly, the legal department will be experts on this side of things, but they need the IT team to help ensure any technology processes and systems are accurate and up to the job. At the moment, each department seems to have its own different set of priorities, but as eDisclosure becomes more commonplace, businesses need to take a joined up approach with eDisclosure higher up the priority list.”