Whether it's your own household finances or a multimillion-dollar IT budget, spending and planning fall into two main categories: must-haves and want-to-haves. Must-haves (otherwise known as nondiscretionary spending) always seem to take up a larger portion of the budget; every time you gas up your car, you can see that firsthand.

Insurers' must-haves in IT include investments targeted toward meeting security and compliance demands. Although they involve different activities, security and compliance strategies have been converging in recent years under a consolidated risk management framework, particularly as regulations have required protection of customer data and other information security measures.

"We are starting to wrap those two [security and compliance] together, creating an organization that's responsible for compliance, including Sarbanes-Oxley work, information security, and other risk management concerns such as enterprise architecture," says Don Garvey, CISO at P&C insurer Chubb Group. "Some companies have formed that outside IT, but we're creating an organization within IT."

© 2024 ALM Global, LLC, All Rights Reserved.