SOX
SOX regulations have had an immensely burdensome impact on IT organizations because of the complex, costly, confusing and often ambiguous requirements of Section 404. While many companies assumed that the cost of compliance would decrease over time, many are finding that the opposite is in fact true. In particular, many companies are struggling with:

  • Understanding SOX – the sheer volume of requirements and interpretations alone makes understanding SOX Section 404 a challenge
  • Determining specific requirements – the SOX Section 404 requirements have been interpreted via COBIT, ISO and others, but many of these interpretations are changing over time, forcing organizations to keep up with modifications
  • Creating a control architecture – creating a centralized set of policies and controls that ensure and prove compliance with current and changing SOX requirements
  • Documenting the audit approach – the need to determine approaches and processes for auditing compliance with key policies
  • Collecting audit evidence – creating a systematic approach for collecting and documenting audit proof, including assessments and system compliance checks

The Business Impact
The business impact of SOX compliance on IT organizations is widespread and well known. Technology spend on SOX is predicted to increase to between 10% and 15% of total IT budgets in 2006, up from less than 5% in 2004, according to a survey by Gartner, Inc. In some cases, spend on SOX and IT compliance is completely consuming discretionary IT budgets. This shift in resources and the manual efforts required to achieve compliance are forcing IT organizations to look for a more streamlined, automated approach towards managing SOX Section 404 compliance.

The Compliance Spectrum SOX Solution
Compliance Spectrum provides the services and capabilities needed to achieve, demonstrate and maintain IT compliance with SOX Section 404 requirements. Key capabilities of the Compliance Spectrum SOX solution include:

  • Regulations and requirements management – identifies gaps between current policies and controls and SOX requirements
  • Controls management (policy and awareness) – provides an auditable centralized repository for policies and controls, comprehensive templates for 'quick start' programs, and deployment and awareness tracking
  • Audit management – provides audit point tracking and prep reporting capabilities for internal and external audit activities
  • Vulnerability and incident management – provides a comprehensive vulnerability database, targeted alerting, and task management and status tracking
  • Compliance management – supports online assessment and integrated audit point tracking for demonstrable compliance

Compliance Spectrum’s Spectra automates key processes across the IT compliance life cycle.


  ©Compliance Spectrum 2007. All Rights Reserved.