http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, COOP & COG, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Tue, 13 May 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12745.html Prism Microsystems, a leading provider of SIEM solutions to the midsize enterprise market, today announced that it has been positioned by Gartner in the recently published Magic Quadrant for Security Information and Event Management, 1Q08 report. http://www.compliancehome.com/news/SOX/12745.html Tue, 06 May 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12724.html Compliance Coach, a provider of automated regulatory compliance solutions to the financial services industry, announced that it has identified 23 new identity theft red flags and has updated its software, CompliancePal (http://www.compliancepal.com). CompliancePal is the industrys first software solution to enable compliance with the FACT Act Identity Theft Red Flags Rule. The Federal regulation imposes new responsibilities on businesses to prevent consumer identity theft. The impact is broad and the rule affects every single bank, credit union, mortgage lender, auto dealer, credit card lender, payday lender, landlord, utility company, phone company, and any consumer or small business lender in the country. http://www.compliancehome.com/news/SOX/12724.html Mon, 05 May 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12721.html Oversight Systems, the leading provider of automated continuous monitoring solutions, today announced that it has been selected as a finalist in the Red Herring North America Top 100 list for 2008. http://www.compliancehome.com/news/SOX/12721.html Thu, 01 May 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12705.html Financial Executives International (FEI) announced today the results of its seventh Sarbanes-Oxley compliance survey, which found that Section 404 compliance cost Corporate America less in year four of adoption than in each of the first three years. FEI polled 185 companies to gauge experiences in complying with Section 404. The responding companies had average annual revenues of $4.7 billion. According to the FEI survey, which included 168 accelerated filers -- companies with market capitalizations above $75 million -- total average cost for Section 404 compliance was $1.7 million during fiscal year 2007. While a direct comparison cannot be made from 2006 costs, as the respondent pool varies year to year, the results show a continued decline in compliance costs. The survey also revealed that total audit fees for U.S. accelerated filers averaged $3.6 million, representing a slight (1.8%) increase from the previous year. http://www.compliancehome.com/news/SOX/12705.html Thu, 01 May 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12704.html If we have learned anything from Sarbanes-Oxley, it is that internal controls have to be effective. The first step is control design. When done properly, the design will include preventive controls to preclude undesirable activities and detective controls to alert management when exceptions occur. An appropriate design of preventive and detective controls is critical, but not sufficient. Control environments are dynamic. Changes in the business often result in workload shifts. When this happens, roles and assignments are informally swapped to make the work load more equitable. As informal process changes evolve, the control design is often unintentionally compromised, sometimes with significant consequences. http://www.compliancehome.com/news/SOX/12704.html Thu, 01 May 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12703.html Global investors looking for a positive trend have some good news: adoption of International Financial Reporting Standards has increased financial transparency and lowered risk for investors, as measured by the 2008 Opacity Index, released today by the Milken Institute. According to the report opacity works like a hidden tax on business, costing countries growth, companies profits and investors higher returns. Additional improvements in corporate governance and compliance with voluntary codes of conduct have helped raise the scores of most of the 48 countries ranked by risk in the index. The United States, however, fell in its standing due in part to delayed effects of the Sarbanes-Oxley Act of 2002. According to the report, opacity is measured by small-scale but frequent risks, such as corruption and opacity in financial markets that work as deterrents to economic growth. A single-point increase in an Opacity score means foreign direct investment as a percent of GDP can decrease by 0. http://www.compliancehome.com/news/SOX/12703.html Wed, 30 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12701.html Worksoft, provider of solutions that accelerate deployments of SAP applications, announced that its flagship solution Worksoft Certify, can bridge the chasm between the processes of Governance, Risk and Compliance (GRC) and the processes of Application Life Cycle Management. Companies today are not only striving to improve their business processes, they must do so while grappling with compliance issues, said Bruce Johnson, president and CEO of Worksoft. Companies adhering to IT governance implications of Sarbanes-Oxley (SOX), or the required compliance of their respective industries, such as HIPAA and FDA, are looking for a way to shift governance from being a burden to helping them gain and sustain competitive advantages in a highly dynamic global economy. Worksoft can help manage the business process change events between the office of the CIO and the CEO/CFO by enabling timely collaboration and visibility. http://www.compliancehome.com/news/SOX/12701.html Mon, 28 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12686.html As a result of its early success, Franklin Synergy Bank of Tennessee is facing tremendous future growth opportunities. To prepare for its inevitable expansion, the single branch bank in Franklin, Tenn., recently deployed ArcMail Defender, a flexible email archiving solution that helps the bank immediately establish SEC and Sarbanes-Oxley compliant electronic document retention practices. The appliance-based solution enables the bank to manage an increasing volume of email, as well as readily comply with current and future regulatory and legislative requirements. I am confident that ArcMail will facilitate growth by enabling Franklin Synergy to prepare for the increasing volume of emails, as well as industry and regulatory requirements, said Kevin Herrington, chief information officer of Franklin Synergy Bank. Email is a critical communications tool for our bank, and people get frustrated with application problems and get impatient when the Internet goes down. Lose emails on the othe http://www.compliancehome.com/news/SOX/12686.html Wed, 23 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12668.html AXIGEN, the professional messaging solution vendor, and Stimulus Software, vendor of the MailArchiva email archiving system, announced today the closure of a partnership aimed at integrating email messaging and archiving functionalities. Through this strategic technology integration, the two companies aim to pro-actively address the issues arising for businesses of all sizes that work towards complying with IT Governance standards and concepts. The joint AXIGEN Mail Server - MailArchiva solution will provide all functionalities of a complete email messaging and archiving solution. It features reliability and security in both messaging and archiving activities, quick access to information based on advanced search criteria, a smart storage system preventing overhead and compliance with highly debated international standards such as the Sarbanes Oxley act (SOX), Gramm-Leach Bliley act (GLBA) and the Freedom of Information act (FOIA). http://www.compliancehome.com/news/SOX/12668.html Wed, 23 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12667.html Grupo Gesfor and Ounce Labs announced a global alliance partnership to provide Ounce Lab's application security solutions throughout Spain and Latin America. Grupo Gesfor will provide marketing, sales, and implementation support to companies in these regions interested in Ounce Labs' leading source code analysis solution that addresses the increasing risks insecure software poses to their brands and ongoing operations. Grupo Gesfor has a proven track in working with best of breed IT security solutions and implementing software security tools. Grupo Gesfor will work with Ounce Labs to expand its presence in Latin America and Spain by working closely with the company and its subsidiaries in countries including Argentina, Brazil, Chile, Colombia, Panama, Peru, Mexico and Venezuela to manage their customer's application risk by identifying and remediating security issues caused by software security vulnerabilities. http://www.compliancehome.com/news/SOX/12667.html Tue, 22 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12665.html Safend, provider of endpoint Data Leakage Prevention (DLP) solutions, announced the release of Safend Reporter, a data analysis tool that reports on data accessed by removable storage devices and wireless ports, providing extensive security and operational reporting that enables data security and regulatory compliance. Safend Reporter is offered as an add-on module to Safend Protector and provides a graphical, high-level view of the organization's status, allowing administrators to quickly and easily detect irregular or suspicious behavior. The reports present data in a clear and easy-to-understand dashboard format that can benefit all viewers, including non-technical personnel and executives. Through drill-down capabilities, Safend Reporter also delivers detailed reports to data security personnel within the organization. The security reporting tool enables easy detection of specific employees and departments that frequently disregard internal security policies, while the administrati http://www.compliancehome.com/news/SOX/12665.html Tue, 22 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12659.html AlterPoint announced the release of advanced network security and compliance capabilities for NetworkAuthority, its flagship open network management solution, which will help customers automatically discover, prioritise and remediate network vulnerabilities and compliance policy violations as they occur. As a result, enterprises will be able to reduce the time, cost and level of expertise required to keep complex, multi-vendor networks audit-ready and secure against constantly evolving threats. As the complexity of managing network security continues to increase, our customers are looking for a more efficient and cost-effective alternative to manual management processes, said Roddy MacLennan, sales director at Devoteam UK. We recommend adoption of an automated management solution that enforces security and compliance policies and eliminates the need to manage configurations at the device level. http://www.compliancehome.com/news/SOX/12659.html Tue, 22 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12658.html Qualys announced QualysGuard 6.0, an upgrade to its flagship solution for vulnerability and compliance management. QualysGuard 6.0 enables security managers, as well as key organisation executives, including business line managers, members of the board and auditors, to get an on demand view of IT security and compliance within the enterprise. QualysGuard 6.0 offers new metrics reporting supported by scorecards and secure, collaborative report distribution workflows which help operations and IT staff to be efficient and communicate effectively with auditors and executive management. QualysGuard 6.0 is an integral component of the QualysGuard Security and Compliance Suite also being demonstrated at the Infosecurity Europe tradeshow for the first time in Europe. The QualysGuard Software-as-a-Service (SaaS) suite helps organisations worldwide manage the ongoing convergence of security and policy compliance efforts. http://www.compliancehome.com/news/SOX/12658.html Tue, 22 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12654.html Skybox Security announces the fourth-generation of its security risk management software platform. Over 125 of the world's largest companies have adopted Skybox's unique combination of analytics and automation. With Skybox View organizations can accurately pinpoint and prioritize areas of high risk and predict compliance exposures in just minutes. http://www.compliancehome.com/news/SOX/12654.html Mon, 21 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12655.html Global DataGuard, provider of Enterprise Unified Threat Management for small and medium business to large enterprise environments, today announced that it is offering a full suite of enterprise-class products and services to assist healthcare organizations in successfully implementing Security Standards outlined by the Health Insurance Portability and Accountability Act (HIPAA). Utilizing a fully integrated portfolio of Enterprise UTM products and world-class managed and professional services, Global DataGuards HIPAA compliance solution provides for risk-based network assessment, auditing and planning for administrative, physical and technical safeguards, and includes a comprehensive behavioral-based network security architecture to help organizations efficiently and cost-effectively protect confidential healthcare data and electronic healthcare transactions. http://www.compliancehome.com/news/SOX/12655.html Thu, 17 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12635.html Duff & Phelps Corporation, provider of independent financial advisory and investment banking services, announced the formation of its Strategic Tax Advisory Services practice. The practice will be co-led by new Managing Directors Joseph Schmidt and Catherine Hunter. Gerry Creagh, President of Duff & Phelps, said, In the current market environment companies are increasingly seeking opportunities to generate tax savings. Our Strategic Tax Advisory professionals take a holistic approach to proactively identifying and documenting tax benefits associated with new asset construction. http://www.compliancehome.com/news/SOX/12635.html Thu, 17 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12634.html MedeFinance (Mede), a healthcare analytics company, announced the launch of a new compliance analytics solution at the Health Care Compliance Association (HCCA) in New Orleans. Medes Compliance Analytics Solution helps healthcare executives monitor compliance risk areas and track clinical quality metrics. The solution provides insight into potential risk areas and analyzes performance against internal, third party, and CMS data and benchmarks. The government continues to vigorously examine for inaccurate payments to hospitals, stated Mede CEO Mike Gallagher. Hospitals must closely monitor and analyze their performance in all compliance risk areas in order to avoid irreparable harm to their reputation as well as substantial liability. This solution provides them the intelligence needed for Sarbanes Oxley compliance and to avoid problems associated with improper reimbursement. http://www.compliancehome.com/news/SOX/12634.html Thu, 17 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12633.html Mitratech, provider of software solutions for organizations to manage legal, compliance, and risks, announced the availability of TeamConnect Legal with managed hosting. Mitratech's innovative offering will leverage Terremark Worldwide, Inc.'s Infinistructure utility-computing platform, its managed hosting services and world-class infrastructure to deliver high-quality service. This service model highlights Mitratech's commitment to providing customers maximum assurances with regard to Sarbanes-Oxley (SOX) legislation by enabling greater controls of business processes and related data. To this end, TeamConnect Legal leverages Terremark's hosting environment to offer the highest-level data security in a SAS 70 Type II-certified hosting service with 24x7 network operations center monitoring. Additionally, dedicated Mitratech experts manage all customer applications to deliver optimal configurations and ensure that service level agreements (SLAs) are met. http://www.compliancehome.com/news/SOX/12633.html Wed, 16 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12632.html CompuCom Systems announced that it has achieved International Organization for Standardization (ISO) 20000 certification, the international standard for IT Service Management (ITSM). Based on the adoption of Information Technology Infrastructure Library (ITIL) best practices, the ISO 20000 certification is one of many standards and framework components CompuCom follows and benchmarks the companys industry-leading delivery of IT services. Currently, CompuCom is one of a select few companies registered in North America. To be successful in todays competitive global markets, organizations are realizing that they need consistent, enforceable and repeatable processes to improve the quality of their IT services, meet regulatory requirements and ensure a reliable and agile infrastructure to support key business needs. As part of CompuComs overall commitment to delivering quality for clients, the ISO 20000 certification builds upon over two decades of expertise. ISO 20000 is the first form http://www.compliancehome.com/news/SOX/12632.html Wed, 16 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12630.html Founded in 1984, Modulo is the global leader in IT governance, risk and compliance management. Modulo's Risk Management Software provides organizations with the tools they need to automate the assessment of security vulnerabilities and attain regulatory compliance. Recent honors received by Modulo include Hot Company 2008 and Global Excellence Customer Trust Award 2008 http://www.compliancehome.com/news/SOX/12630.html Tue, 15 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12624.html Orchestria has announced that its Intelligent Compliance Suite has been deployed for full-service brokerage and investment banking firm Scott & Stringfellow, a subsidiary of BB&T Corporation. Orchestria's policy-based Intelligent Compliance software is employed to analyze all electronic communication channels in support of SEC, FINRA, and company governance priorities. Scott & Stringfellow has also chosen to implement Orchestria's desktop and server agents throughout its organization. http://www.compliancehome.com/news/SOX/12624.html Tue, 15 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12616.html TAM announced that for the second year in a row it has received the Sarbanes-Oxley Certification (SOX) conferred by the independent auditing firm of PriceWaterhouseCoopers, attesting to fulfillment of the requirements established by Section 404 of the Sarbanes-Oxley Law concerning internal controls over consolidated financial statements. Renewal of the Sarbanes-Oxley Certification reaffirms TAM's commitment to high ethical standards and good corporate governance practices. It also shows the company's permanent attention to ensuring a high level of control over its procedures, transparency and value creation for shareholders, emphasizes Libano Barroso, Vice President for Finance and Management, and Director of Investor Relations. Receiving this attestation is in keeping with the search for excellence in management, one of the company's three pillars -- along with excellence in technical and operational services --which have guided the company's performance. http://www.compliancehome.com/news/SOX/12616.html Fri, 11 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12598.html Oversight Systems, Inc. today announced general availability of the 4.5 release of the companys continuous auditing software. Significant features of the new release include support for Windows Server 2003 and enhancements to the Oversight Workbench. http://www.compliancehome.com/news/SOX/12598.html Thu, 10 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12594.html There is a clear gap between the current focus of many internal audit functions and stakeholder expectations for greater value, according to the fourth annual study of current issues for the internal audit profession conducted by PricewaterhouseCoopers LLP (PwC). The growing tendency of audit committee members to share best-practice ideas drawn from other companies where they serve on the board are primary factors contributing to the need for internal auditors to address the rising expectations of their chief stakeholders. Sixty-three percent of survey respondents consider operational risk to be of significant importance to audit committees, suggesting a deepening appreciation among both audit committees and audit leaders of the need for internal audit to increase its focus on operational, strategic, and business risks. At the same time, only 52 percent of respondents consider providing assurance on the effectiveness of a company's risk management processes to be of significant importa http://www.compliancehome.com/news/SOX/12594.html Thu, 10 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12593.html SaaSWizard, provider of powerful, affordable, and easily deployed 100% web-based business process automation (BPA) solutions for organizations of all sizes, today announced the launch of its SaaSWizard Reseller Program. The program will allow VARs to compete and win against large competitors by giving them the ability to apply their unique depth of understanding of customer needs to develop customized enterprise solutions extremely rapidly and without the need for programming. Many of our business partners have deep expertise in their business sector, but not the technical staff traditionally required to develop and support a custom application. However, with SaaSWizard's development and deployment platforms, they can now actively participate in the growing SaaS market by delivering unique applications for their customers with no programming, said Colin Earl, CEO of SaaS Wizard. http://www.compliancehome.com/news/SOX/12593.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12584.html Protiviti, provider of internal audit and risk and advisory services, has released the fourth edition of its highly acclaimed resource guide about Section 404 of the Sarbanes-Oxley Act -- Guide to the Sarbanes-Oxley Act: Internal Control Reporting Requirements. The guide, which answers 258 frequently asked questions about Section 404 and other related topics, addresses new guidance and standards issued in 2007 by the U.S. Securities and Exchange Commission (SEC) and the Public Company Accounting Oversight Board (PCAOB). The book also includes topics related to foreign filers and U.S. domestic non-accelerated filers and takes into account lessons learned since the guide's third edition was published in 2004. http://www.compliancehome.com/news/SOX/12584.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12583.html Security solutions developer High Tower Software has released a security appliance designed to help IT personnel in smaller organizations mitigate network security risks and better manage regulatory compliance. Called Cinxi Express, the new product is a Security Information Event Manager (SIEM) that collects log data from network devices, applications and users, analyzes the information to assess potential security and compliance threats, and alerts personnel when risks are detected. Like High Tower's enterprise-class Cinxi SIEM solutions, Cinxi Express delivers a full suite of log management, threat response, compliance monitoring, and data forensics capabilities organizations need to ensure that networks are secure and operating within corporate and regulatory guidelines. http://www.compliancehome.com/news/SOX/12583.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12580.html Hifn has introduced the industry's first turnkey Unified IP Software solution bundled with an Express data security acceleration card. The new Unified Storage OEM Bundle enables OEMs and systems integrators to quickly enter the fast-growing iSCSI market by transforming open-system, third-party disk arrays into intelligent iSCSI storage appliances. Hifn will offer its new software bundle in addition to its already well recognized iSCSI IP SAN appliances. Hifn's new Unified Storage OEM Bundle combines the company's Express DS250/255 data acceleration card with the award-winning Swarm iSCSI software, featuring advanced management and security features, such as unified iSCSI SAN and NAS storage, integrated hardware data encryption to protect sensitive company data and meet regulatory compliance standards, and built-in data protection features, including point-in-time snapshots and local and remote data replication. The Hifn bundled solution is tuned for the specific needs of SMB customers, http://www.compliancehome.com/news/SOX/12580.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12579.html Companies in the retail banking sector who want a complete, in-house solution to address compliance concerns are increasingly looking to the Plug n Comply e-mail archiving appliance offered by Jatheon Technologies. United Western Bancorp, which owns the Colorado-based United Western Bank network, recently implemented a Jatheon solution to assist with e-discovery compliance in legal cases. We were using an outside vendor for our message archiving and were unhappy with their reliability, explained Jamie Yancy, chief technology officer for United Western Bancorp. After careful evaluation of a number of providers, we felt the Jatheon solution was the best fit for our business model. http://www.compliancehome.com/news/SOX/12579.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12578.html Configuresoft announced that it has enhanced its continuous compliance and security capabilities for VMware environments with support for the Center for Internet Security (CIS) VMware ESX Server Benchmark. Support for this Benchmark enables IT Operations to easily measure compliance with best practices for hardening virtual environments from a broad consensus of industry experts. Last year, at a birds-of-a-feather session at RSA, CIS and Configuresoft developed a benchmark working group and with input from more than 200 virtualization and security experts from the commercial market, federal organizations, manufacturers and the software industry created the industry's first virtual machine security benchmark. CIS benchmarks and guidelines are unique in the industry in that they are created via broad consensus. This benchmark extends and enhances the hardening guidelines offered by the manufacturers by consolidating the expert opinion of the world's leading security professionals. http://www.compliancehome.com/news/SOX/12578.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12577.html A considerable degree of attention has been placed on organizations to improve and disclose the state of Information Technology Internal Controls worldwide by shareholders, management, industry oversight groups and governments. The integrated nature of technology now permeates all aspects of life and is mission critical for most organizations. Recent awareness of the importance of technology by key stakeholders has raised the visibility and scrutiny placed upon the safeguards employed in organizations. No longer may technology be considered after the fact, but must be evaluated prudently at the highest levels to consider the full impact of security, resiliency to operations, integrity of services, propriety of partnerships with vendors and the inevitable risks of operating any business. In his new book released today at the RSA Conference 2008, IT Compliance & Controls - Best Practices for Implementation, author James J. DeLuccia IV offers a step-by-step approach using industry best pr http://www.compliancehome.com/news/SOX/12577.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12576.html Transplace,provider of transportation management services and logistics technology, announced the successful completion of a Statement on Auditing Standards (SAS) 70 Type II Report on internal controls over its third party/managed services logistics operations. The purpose of a SAS 70 report is to provide information to key customers about internal controls at Transplace, which may affect the financial reporting of customers using that service. The completion of the SAS 70 effort is a significant milestone for the organization. We knew the importance of and value in obtaining a SAS 70 Report, and it was truly a team effort in securing the positive outcome of this audit, said Steve Crowther, executive vice president and chief financial officer for Transplace. As a leading on-demand company, we have undergone some significant internal technology advancements such as switching over to 100 percent virtualized servers and moving the Transplace data center to a remote location to enhance http://www.compliancehome.com/news/SOX/12576.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12574.html Bradford Networks, provider of comprehensive network access control (NAC) solutions, announced its new NAC Director Guest/Contractor Services (GCS) solution, which gives organizations the advanced security and operational tools required to manage guest, contractor, and strategic business partner network access. NAC Director GCS secures unmanaged laptops and PDAs, is easily added to existing networks, and provides a simple upgrade path to complete NAC capabilities. Organizations are under increasing pressure to provide network access to guests, strategic partners, and the contingent workforce temporary, freelance, and contract workers. In the last five years, the staffing industry has doubled and it will double again to a $200 billion industry by 2010, according to BusinessWeek. http://www.compliancehome.com/news/SOX/12574.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12573.html nCircle, provider of agentless security risk and compliance management solutions, announced that its solutions now identify over 17,000 conditions, including operating systems, applications, vulnerabilities and configurations. The detailed configuration and security intelligence gathered by nCircle's agentless discovery provides enterprise customers with the industry's most comprehensive foundation for reducing security risk and ensuring compliance at the lowest possible cost. nCircle's Vulnerability and Exposures Research Team (VERT), the world leader in accurate and non-intrusive agentless discovery technology, delivers an ever-growing library of vulnerability, configuration and compliance checks used across nCircle solutions. http://www.compliancehome.com/news/SOX/12573.html Wed, 09 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12570.html Aldon, provider of process-driven application lifecycle management (ALM) solutions, has published a white paper on compliance. Providing best practices, compliance information and advice, the paper outlines how to use regulatory requirements as an opportunity to integrate business and IT. Most organizations nowadays are faced with compliance requirements of some sort, said Matt Scholl, COO and president of Aldon. Whether specific to the industry, such as Sarbanes-Oxley and Basel II for banking, or HIPAA in pharmaceutical, what all companies face is ensuring that business processes are tracked, measured and controlled. The best place for this to be implemented and carried throughout the corporations is in the IT department. http://www.compliancehome.com/news/SOX/12570.html Tue, 08 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12567.html Tizor Systems, provider of enterprise database auditing and protection solutions for the data center, today announced a technology alliance with ArcSight, a leading global provider of compliance and security management solutions. This partnership was formed to address a major need for integrated solutions that provide a comprehensive, enterprise-class approach to data security. The partnership, which will be promoted through ArcSight's EnterpriseView Partner Program, will help customers safeguard critical data assets, control data risk and meet a wide range of compliance requirements. The integration between Tizor Mantra and ArcSight ESM will allow for correlation, analysis, viewing and response to all incidents across the enterprise -- providing enterprises with a single, unified view into security and compliance incidents. http://www.compliancehome.com/news/SOX/12567.html Tue, 08 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12565.html Voltage SecureData Grows Momentum With Major Integrators and Global 2000 Companies. Leading organizations standardize on advanced cryptographic solution to foil identity theft, speed compliance efforts, protect outsourced environments and avoid public data breach disclosures. http://www.compliancehome.com/news/SOX/12565.html Tue, 08 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12564.html Secure Computing Announces New TrustedSource Alliance: Makes TrustedSource World-Class Reputation System Available To Partners. Members include Foundry, F5, Riverbed, and Webroot http://www.compliancehome.com/news/SOX/12564.html Tue, 08 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12556.html C2C and Titus Labs are working together to provide solutions that will allow organizations to make more informed decisions concerning the archiving, storage, retention and discovery of business records, while reducing storage costs simultaneously. Organisations need to decide which messages to archive based on their own specific internal classification structures, in addition to the advanced centralized policy criteria that are offered within Archive One. Storage demands for email are growing quickly and governance requirements continue to expand. So organizations need to find solutions that will manage the number of emails archived while still meeting all internal and external compliance requirements, said David Cassell, Product Manager at C2C. http://www.compliancehome.com/news/SOX/12556.html Mon, 07 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12551.html Tizor Systems, a leading provider of enterprise database auditing and protection solutions for the data center, today announced a technology alliance with ArcSight, a leading global provider of compliance and security management solutions. This partnership was formed to address a major need for integrated solutions that provide a comprehensive, enterprise-class approach to data security. http://www.compliancehome.com/news/SOX/12551.html Fri, 04 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12537.html OAO Technology Solutions announced that it has entered into a strategic partnership agreement with Dulles, VA-based ServerVault Corp., a premier provider of highly secure and compliant managed hosting solutions. OAOT will employ a broad range of ServerVault's managed infrastructure solutions to deliver enhanced services to customers around the globe across three core lines of business: Human Capital Management Solutions, Strategic Business Solutions and Enterprise Management Solutions. http://www.compliancehome.com/news/SOX/12537.html Thu, 03 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12531.html Combining power and flexibility, with Microsofts .net technology, AchieverPlus provides a unique, management gateway that can easily be embedded into an organisations existing processes without disrupting working practises. The system unifies all the organisations disparate systems, standards, policies and resources across any number of sites and locations. Multiple areas of compliance can be included, such as regulatory, legislative and best practice, encompassing many industry and regulatory compliance standards. Specific compliance management solutions for the most highly regulated business areas include:Sarbanes Oxley, MiFID, Life Sciences (such as Health and Safety), ISO 9000 /1 and more. Traditionally, with disparate databases managing each area of compliance, users would have to search multiple systems to identify their tasks and alerts. This can lead to errors and omissions and increase the amount of time spent on managing tasks. In addition, many organisations have seen the http://www.compliancehome.com/news/SOX/12531.html Thu, 03 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12530.html Guardium, the database security company, announced that it has tightly integrated vulnerability management with its enterprise database security and compliance platform. Guardium 7 is the first solution in the industry to address the entire database security and compliance lifecycle with a unified Web console, back-end data store and workflow automation system. With this unified approach, organizations now have a single scalable platform to deliver critical security and compliance functions across all of their data centers, DBMS platforms and enterprise applications, including: * Comprehensive protection of critical enterprise data * Risk assessment with business context, and * Security and compliance at lower cost and with less effort -- freeing IT resources to focus on other strategic initiatives. http://www.compliancehome.com/news/SOX/12530.html Thu, 03 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12529.html Intasoft released its long awaited new IntaChange Enterprise change management software. The software is an easy-to-use, online system with a host of new features especially designed to make the process of change management more efficient and to improve the auditing process. IntaChange Enterprise is essential for organisations requiring compliance with Sarbanes-Oxley or those wanting to use the ITIL framework to improve workflow and efficiency. It gives both internal and third party auditors a clear view of the entire change process. IntaChange Enterprise answers all the auditors' questions. Including and perhaps most importantly, 'Why was it changed?' By keeping an accurate record of all changes, and implementing automated, mandatory controls, it reduces the risk of unauthorised access and data tampering. It controls complex business processes from a central point, reducing mistakes and avoiding duplication. Senior managers have the peace of mind that their data is totally accurate an http://www.compliancehome.com/news/SOX/12529.html Thu, 03 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12527.html Configuresoft, announced that Convergys has selected Configuresoft's Enterprise Configuration Manager (ECM) to help manage and maintain compliance with multiple regulatory and industry standards including PCI DSS (Payment Card Industry Data Security Standard). Convergys is a global leader in relationship management with more than half of the Fortune 50 companies as its clients. Convergys selected ECM for its scalability, performance, rapid and granular data collection of IT assets, industry leading compliance content and templates, and enterprise remediation capabilities. http://www.compliancehome.com/news/SOX/12527.html Wed, 02 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12526.html MetricStream announced availability of a new benchmark report GRC Strategic Agenda: The Value Proposition of Governance, Risk, and Compliance from the Aberdeen Group, a Harte-Hanks Company . Among other findings, the report highlights that internal policies and practices are emerging as the most important drivers for investment in GRC initiatives, indicating a shift from focus on mandatory regulations such as SOX, to value-driven GRC programs that deliver better business performance. The report focuses on three of the most important aspects of GRC for an organization's bottom-line-success: compliance regulations, data security and risk management. It provides guidance to identify and evaluate resources and proactively prepare for mitigation of business risks. Further, the assessment provides some compelling facts derived from its research which will help companies make informed decisions. http://www.compliancehome.com/news/SOX/12526.html Wed, 02 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12524.html Omada and Oxford Computer Group announced that Daymon Worldwide, an international company specializing in the sales and marketing of Private Label consumer products and consumer event marketing, has selected the Omada solution to strengthen compliance while increasing their business productivity. The Omada solution is a powerful solution for Advanced RBAC and Compliance Reporting, consisting of the Omada Identity Manager (OIM) and Microsoft Identity Lifecycle Manager (ILM). Highly interoperable, the solution will be implemented within Daymon's heterogeneous system environment, providing a single and integrated solution. Omada Identity Manager will be implemented by Oxford Computer Group (OCG), who have extensive experience and a track record of implementing the combined Microsoft and Omada solution with leading global enterprises. http://www.compliancehome.com/news/SOX/12524.html Wed, 02 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12522.html Somansa launched the Somansa DB-i which specializes in database management for regulatory compliance and data leakage security. Somansa DB-i provides organizations with a central database management solution that supports various database platforms for easy access and control of data. With over 70 percent of companies' documents in electronic format and the increased use of electronic communication to exchange and access critical and confidential information, companies must take proper measures to manage and secure data for internal data leakage and regulatory compliances such as e-Discovery and Sarbanes-Oxley. http://www.compliancehome.com/news/SOX/12522.html Wed, 02 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12521.html izor Systems, provider of enterprise database auditing and protection solutions, announced Mantra version 5.9 with advanced features for usability, scalability and compliance coverage. New features include automated policy creation for faster time to deployment; advanced analytics for mitigating data risk in real-time; and an enhanced user interface for the most intuitive, easy to use solution for business, compliance and technical users. Mantra 5.9 installs and deploys faster than other solutions and policies are easier to generate and maintain, contributing to a lower total cost of ownership. With Mantras compliance templates and Policy Wizard, companies can rapidly address database security, internal data governance and a wide range of external compliance requirements and industry standards such as SOX, GLBA, FFIEC and PCI. http://www.compliancehome.com/news/SOX/12521.html Wed, 02 Apr 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/12519.html The economic outlook for small emerging companies will be mixed during the first half of 08 because of burdensome regulatory accounting and legal costs making it almost impossible for many of these smaller firms to access the U.S. capital markets and survive, says Frank Speight, CEO of West Palm Beach, Florida-based American Capital Partners, Ltd. (Pink Sheets:APRJ) and Chairman of the National Small Public Company Leadership Council and the Microcap Company Political Alliance Corporation (MCPAC; www.microcappac.org), a small business advocacy group. Small companies will take on varying shades of economic performance, from vibrant to dark, depending on whether or not these entrepreneurs can find the necessary money to employ people and pay for their business growth which, in turn, impacts our economy, according to Speight. American Capital is a business development firm that provides small entrepreneurial companies with their funding needs. http://www.compliancehome.com/news/SOX/12519.html