Perennial issues around the Sarbanes-Oxley Act financial disclosure laws, along with new privacy-related regulations and industry self-policing efforts, are sending shock waves across many sectors. Retailers and other organizations that were once solely focused on narrow mission statements have suddenly become subject to a slew of new reporting and auditing requirements.

Often, the first instinct is to react furiously to avoid penalties and potentially negative press. Giving in to this impulse, however, is a response that could cost corporations plenty, warn this year's IT leaders, some of whom represent industries such as banking and health care, where compliance is a way of life.

Instead of scurrying to slay regulatory requirements one at a time, devise broad compliance strategies that take on several reporting tasks and simultaneously fulfill the obligations that stem from several statutes or regulatory bodies. Along the way, use compliance to shore up operations overall, seasoned executives advise.

"Compliance pressures are now manyfold, and people are failing to realize that they need to look beyond the immediate challenge," notes Michael Rasmussen, an analyst at Forrester Research Inc. in Cambridge, Mass. "Another common mistake is to focus on compliance as a project, instead of an ongoing process."

The big picture