Sharp CFOs Boost Information Security with Business Process Improvement

By Thomas Schneck • December 15, 2016 at 6:00 AM

InformationSecurity.jpgFinance executives in all organizations are being asked to look closely at their core processes. Two the main drivers for business process improvements are cost reduction and information security. Studies show there is great variation in the efficiency of financial processes. Bottom performers spend 2.13% of revenues on financial processes; top organizations only spend 0.57%. This cost disadvantage drops directly to the bottom line, making it difficult for organizations with paper-laden and inefficient financial processes to compete.

But eliminating inefficiency and extra cost is not the only reason to focus on business process improvement in financial processes.  Organizations are increasingly focused not only on the potential value of getting all those previously unmanaged documents and processes under control, but also on the growing risks associated with managing increasing volumes of information.  Guaranteeing the security and privacy of information and the auditability of financial processes is an increasingly important role for the CFO.

Just about every week, there is a significant information security breach that makes the news. In addition to the immediate crisis management and public relations embarrassment created by the breach, security and privacy lapses also translate into serious risk management issues that are – or should be – a concern of every CFO.  

Consider these data points from the industry association AIIM:

  • 51% of organizations have had data-related incidents in the past 12 months, including 16% suffering a data breach.
  • 45% of organizations agree that the lack of information governance leaves their organization wide open to litigation and data protection risks.
  • Only 15% of organizations have enterprise-wide Information Governance and Records Management policies.
  • 50% rely on manual search for e-discovery across electronic and paper records.

On top of this, everyday information-intensive compliance and regulatory concerns are increasingly the responsibility of CFOs. These concerns can range from requirements specific to financial processes like those required by the Sarbanes-Oxley legislation to industry-specific requirements like those created by Dodd-Frank for the financial services industry.  Add to this the burden of rising geographic-specific information security and privacy requirements such as those created by the new General Data Protection Regulation in Europe (GDPR), and you have a very rich mix of information security policies that the CFO must worry about.


The good news is that the basic blocking and tackling associated with automated financial process through document management is an enormous first step on the path to sound information security and compliance processes in the organizations.  This growing awareness of the tie between effective information and document management and security, customer privacy, and compliance creates a new set of leadership opportunities for CFOs:

  • The information in financial system is key to transformation initiatives.
  • Organizations are struggling with management gaps between technology priorities and the business.  The CFO can help fill this gap.
  • The CFO is a natural broker between disparate views among sales, marketing, legal, and business executives about what information should be saved and for how long.

business_process_transformation

Topics: Compliance, Security, Accounting and Finance, Team Productivity

Comments