It’s been a while since the perfect IT storm of the nineties – Y2K, ERP, the euro transition and the Internet goldrush – brought a windfall to IT consultants and suppliers. So you can hardly blame them for seeing gold in Sarbanes-Oxley. These days, you hear the marketing pitch often: “Don’t view Sarbox as just a compliance issue; use it as a lever to overhaul your systems and processes.” In other words: Launch big IT projects now!

It was interesting, therefore, to hear the CIO of a leading manufacturer deflate the Sarbox hype during a panel discussion at a recent conference. So, she was asked by the moderator, do you view the compliance challenge as an opportunity to proactively make broader changes? No, she said calmly, we’re just going to do the minimum we need to do to pass the legal tests, and then we’re going to move on. Sarbox is a nuisance, she continued, but it won’t be long before everyone’s forgotten about it.

It’s a sensible view, and my guess is that it’s shared by more than a few of her counterparts at other firms – even though few would say so publicly.