According to the latest market research coming out of security vendor nCircle the cost of security auditing is heading in one direction, and that's upwards. Some 47 percent of IT security professionals to the nCircle survey expect that security auditing costs will increase during 2010 while only a very optimistic 8 percent see them falling. Interestingly, a huge 83 percent of them reported that they are effectively identifying security and compliance issues prior to any audit, which is certainly good news.
"The increasing complexity of regulatory requirements continues to be a key cost driver for many companies’ compliance initiatives" says Elizabeth Ireland, Vice President of Strategy for nCircle, who continues by adding "It's interesting to note that, while a significant percentage of companies believe they are identifying security and compliance issues prior to beginning an audit, organisations are not yet realising the cost savings that can come from process maturity. Unless companies have a strategy that automates the continuous monitoring required for various regulations and can report on it to suit the requirements of a specific audit, the process remains very resource intensive and costly".