People Are Allergic to Excessive Control
Implementing risk control matrices for Sarbanes Oxley Compliances mean implementing a lot of control. Some how most of control tend to be very excessive. Below some explanation why people allergic to excessive control and how to manage it.
Interference does not improve employee performance; improvement is accomplished by motivating, allowing freedom of action, and understanding the contributions that people make. As stated in the first point, the urge to manage in a knee-jerk manner inevitably causes work to get bogged down. Using IT as a control instrument when that happens tends to make matters even worse.
Keep It Simple: Simplicity Is the Mark of Truth
We can only cope with a limited quantity of information and, perhaps not surprisingly, in spite of the amount of information we have, we cannot look into the future. We make decisions on the basis of “best guesses” and continue to do so until a solution is determined that provides us with some satisfaction. This suboptimization does not result from laziness but from the need to perform on many fronts at the same time, while the mountain of information continues to grow and time remains short. We have to make use of our limited human capacities. Consequently, keep it as simple as possible by, among other things, accepting the principle that “good is good enough” to guide your IT management. IT is already complex enough and, moreover, works in complicating ways.
Recognize That, in the End, the Business Determines the Value of IT
It would be crazy to ask IT organizations about the contributions that their products and services make to processes. IT is inextricably entwined in the business and is, therefore, an essential part of the business. Investment decisions have to be taken in consultation and made with commitment. The same holds true for all evaluations and adjustments.
Continue to Evaluate
We must describe and justify what we would like to do, what we wish to achieve, how we are going to measure the results, and how much those results are worth. Above all, we must maintain our positions on such issues. The interplay between measuring and then accepting the consequences is crucial. Measurement only makes sense when something is done with the results of the measurements. Moreover, the responsibilities for proper and adequate measurement must be properly delegated.
Cultivate Maturity
Establish sound IT administration and organize IT processes and responsibilities. Examine the real costs and benefits of IT in relation to concrete business goals, take risks into account, and make choices on this basis. If you continue to do this, then the first steps toward portfolio management will have been taken. Ensure that the entire organization knows why work is done in this or that way and what everyone’s role is in its execution. You will then be engaging in performance- oriented management of information and IT.
Stay Tuned on Sarbanes-Oxley
Organizations have to act in order to comply with international legislation. Keep searching for ways to convert the compliance pressure into performance pleasure. Best practices can lead the way. It is certainly the case that much real and passionate work is being done in the United States to improve the management practices of its most competitive firms. However, in practical application, such practices need not be followed slavishly. Instead, each company should identify best practices among the global portfolio, choosing those that can benefit one’s own business and adopting those that make the most sense, adapting them when necessary, and implementing them as unmodified best practices when doing so provides the greatest potential benefit.
Popularity: 30% [?]
