Sarbanes Oxley Compliance Journal on Ulitzer

Sarbanes Oxley on Ulitzer

Subscribe to Sarbanes Oxley on Ulitzer: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Sarbanes Oxley on Ulitzer: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Sarbanes Oxley Authors: David Sprott, Lori MacVittie, Jim Kaskade, Gilad Parann-Nissany, PR.com Newswire

Related Topics: Sarbanes Oxley on Ulitzer

Sarbanes Oxley: Article

webMethods and Certus Offer Joint Compliance

Continuous Compliance Addresses SOX and Related Regulations

webMethods and Certus have formed a strategic partnership designed to help corporations and government agencies transform regulatory compliance into a repeatable, sustainable, and cost-effective process. The partnership builds upon the Certus Governance Suite, an enterprise-class framework for implementing and maintaining internal controls required for regulatory compliance, through the addition of webMethods' continuous controls monitoring solution, webMethods for Compliance, which provides enterprises with the automated ability to monitor and enforce documented compliance procedures.

By bringing together the two core components of the compliance lifecycle as a joint offering, enterprises benefit from a single control environment for compliance management that delivers continuous and automated assurance, the companies say.

Sarbanes-Oxley and similar regulatory mandates require enterprises to document and disseminate specific policies and internal controls used to ensure compliance with corporate governance objectives. At the same time, enterprises must also put in place demonstrable means for consistently enforcing these actions, including periodic evaluation and attestation for compliance with sections 404 and 302 of the Sarbanes-Oxley Act with additional real-time evaluation and testing required for section 409.

While manual approaches allowed most enterprises to meet initial deadlines and baseline requirements for compliance, they did so at significant cost while often failing to secure either real-time visibility or comprehensive coverage of all control points. As enterprises struggle to expand these efforts, the need for new approaches has become apparent.

According to a recent report from Forrester Research [Controls Monitoring Solutions Gaining Momentum Companies Seek Better Automated Capabilities for SOX Compliance by Paul Hamerman with Ian Schuler (August 29, 2005)], "The general approach to SOX 404 compliance has been to respond based on the periodic timing of the financial reporting cycle. Going forward, continuous rather than periodic monitoring of internal controls will be necessary to optimize the controls environment and provide better assurances of reducing errors and discouraging fraud."

More Stories By Security News Desk

SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

Comments (1) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
ISSJ News Desk 09/19/05 12:13:13 PM EDT

Sarbanes-Oxley and similar regulatory mandates require enterprises to document and disseminate specific policies and internal controls used to ensure compliance with corporate governance objectives. Now two companies have joined together to help corporations and government agencies transform regulatory compliance into a repeatable, sustainable, and cost-effective process.