Whether it's your own household finances or a multimillion-dollar IT budget, spending and planning fall into two main categories: must-haves and want-to-haves. Must-haves (otherwise known as nondiscretionary spending) always seem to take up a larger portion of the budget–every time you gas up your car, you can see that firsthand.
Insurers' must-haves in IT include investments targeted toward meeting security and compliance demands. Although they involve different activities, security and compliance strategies have been converging in recent years under a consolidated risk management framework, particularly as regulations have required protection of customer data and other information security measures.
"We are starting to wrap those two [security and compliance] together, creating an organization that's responsible for compliance, including Sarbanes-Oxley work, information security, and other risk management concerns such as enterprise architecture," says Don Garvey, CISO at P&C insurer Chubb Group. "Some companies have formed that outside IT, but we're creating an organization within IT."
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
