News Analysis
Software for SOX compliance
HP's upcoming software will offer CIOs a comprehensive
view to assess and address areas of IT compliance and risk. Vertika Yadav
reports.
Last month HP announced a piece of software called OpenView
Compliance Manager (CM). Though this is not its first compliance-related initiative (the
company has been selling solutions covering areas such as ILM and ITIL), CM
is the latest in this category to hit the market. It has been designed to deal
with the Sarbanes-Oxley (SOX) Act.
SOX has resulted in a heavy workload for IT departments to facilitate access
control and audit computerised financial records and processes.
OpenView offers a range of solutions that support internal controls outlined
by the Committee of Sponsoring Organisations (COSO) of the Treadway Commission
and SOX Section 404. The new software helps CIOs automate monitoring and
reporting of compliance controls, says Bithin Talukdar, Market Development
and Alliances, Software Global Business Unit, HP.

SOX spend
According to AMR Research, Sarbanes-Oxley compliance spending
in 2005 will reach $6.1 billion, with 28 percent allocated to technology
spending and another 29 percent allocated to external consulting.

"OpenView helps CIOs automate monitoring and reporting
of compliance controls"
Bithin Talukdar, Market Development and Alliances, Software Global Business Unit, HP

The solution analyses, compiles and reports compliance and
IT risk information through a centralised dashboard view. It uses the
HP Business Process Management solution to quickly assess and document business
processes and develop a plan for remediation. Also, it uses ITSM to assess and
sustain IT infrastructure-based controls, security and business continuity,
explains Talukdar. Moreover, CM includes risk management and reporting, providing
correlated SOX control level data and infrastructure data to identify control
issues and detect emerging risks.
Since every organisation is responsible for its compliance
assurance, each has its own method and ideology to deal with an issue. Customisation
of the software will be carried out taking into account the needs of the client.
For many enterprises, compliance is about cost, about something that has to
be done. HP, however, sees laws as opportunities to improve internal controls,
performance of the board, and public reporting. To meet the continuing challenge
of compliance, it believes that enterprises need to shift their focus from a
"once and done" mindset to one of sustained compliance. While SOX
is applicable to publicly traded companies, there are many leading private organisations
that follow SOX guidelines to reduce their liability and secure their finances.
"Given the varying efforts of companies, it's still early in the day
to comment on which industry verticals will be adopters of the new software,"
says Talukdar.
HP OpenView Compliance Manager will be available this September.
The price has not been finalised, but will tentatively start at $250,000.

Sarbanes-Oxley prescriptions

| Section | Requirement |
|---|---|
| 302 | The CEO and CFO must certify financial reports |
| 404 | Management has to prepare documentation on, assess the effectiveness of, and report on internal controls |
| 409 | Issues required to be disclosed to the public on a priority basis include material changes in the company’s financial conditions or operations |
| 802 | Criminal liability can be invoked for failure to comply with record-retention policies or for creating documents to impede, obstruct or influence any existing or contemplated investigation. |

HP’s compliance solution

| Sarbanes-Oxley control objective | HP solution support |
|---|---|
| Manage changes | OpenView IT service management solutions automate and reinforce the change management process |
| Control and monitor user access to financial processes and applications | OpenView identity management solutions help in user financial processes and applications provisioning, segregation of duties, policy-based secure user access and auditable user tracking to maintain privacy and security of IT systems and applications. The ISO/IEC security assessment service enables assessment of the present state of an organisation’s security safeguards |
| Manage operations | OpenView service-driven operation solutions maintain the availability and performance of network, systems and applications to support financial systems |
| Manage the configuration | OpenView configuration management solutions protect against unauthorised changes and threats through automated policy-based management of IT systems and applications |

vertika@expresscomputeronline.com