http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, COOP & COG, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Tue, 26 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13398.html Oversight Systems, the leading provider of automated continuous transaction monitoring software, announced today that The University of Texas M. D. Anderson Cancer Center has contracted to implement Oversights continuous monitoring solution for the procure-to-pay process. http://www.compliancehome.com/news/SOX/13398.html Mon, 25 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13395.html iViZ, an On-Demand Penetration Testing company, announced its discovery of a new class of vulnerability at Defcon 16, the world's leading security conference. This vulnerability allows attackers to steal computer boot passwords and bypass the security of pre-boot authentication software like hard disk encryption tools. It affects general computer users, enterprises, governments and can result in unauthorized access or theft of confidential data. Incidentally, in 2007 the global loss due to data theft is estimated to be USD 40 Billion. Surprisingly, this vulnerability has been existing for 25 years, says Jonathan Brossard, iViZ lead security researcher and discoverer of this vulnerability. Programmers unaware of this security hole have coded boot password feature in such a way that user entered text do not get flushed from memory properly leading to inadvertent leakage and theft. Even hard-drive encryption does not help in this case, adds Mr. Brossard. This vulnerability affects Microso http://www.compliancehome.com/news/SOX/13395.html Mon, 25 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13394.html PalmTree announced that it has made significant enhancements to its e-Governance+ Internal Audit module to further help companies looking to streamline their Internal Audit process. These improvements come at a time when companies have standardized their Sarbanes-Oxley (SOX) compliance programs and are beginning to turn energies inward to fine-tune other audit processes. Vice President of PalmTree, Inc. Ted Stone comments, Now that SOX is maturing, companies are able to re-focus on improving the efficiency of their Internal Audit department. As companies look to re-balance Internal Audit, they will be able to reduce time, costs and manpower by utilizing e-Governance+. http://www.compliancehome.com/news/SOX/13394.html Mon, 25 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13391.html Centive wins CRM magazine's 2008 CRM Market Leader Award in the Incentive Management category. http://www.compliancehome.com/news/SOX/13391.html Mon, 25 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13390.html Hawaiis Punahou School Deploys Secure Computings Secure Web to Bolster Internet Security http://www.compliancehome.com/news/SOX/13390.html Sun, 24 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13381.html Comodo announced the availability of version 1.0 of SecureEmail. Comodo SecureEmail employs well-established, de facto industry standard, PKI-based solutions/technologies that enable encryption and digital signature of outgoing emails, assuring recipients that the email has not been tampered with during transmission. Comodo's solution can be deployed with either Comodo or third party SSL Certificates. Email is one of the most vulnerable systems to attack. Comodo SecureEmail is the install-and-forget application that can automatically encrypt and sign all messages. Featuring full integration with Microsoft Outlook, Mozilla Thunderbird and other S/MIME-capable email clients, it includes a built-in wizard that allows users to easily download and setup a free Comodo email certificate. This helps automate the digital certificate acquisition, distribution, signature and encryption processes, freely building a secure email community. COMODO SecureEmail also helps companies further their compl http://www.compliancehome.com/news/SOX/13381.html Fri, 22 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13370.html OpenPages, provider of enterprise GRC management solutions that optimize business performance, announced that Interpublic Group (IPG), one of the world's leading organizations of advertising agencies and marketing services companies, has selected OPENPAGES FCM(SM) for its Sarbanes-Oxley compliance programs. IPG chose OpenPages FCM given the flexibility and configurability of the solution which provides a streamlined and sustainable approach to IPG's continued compliance with Sarbanes-Oxley. OpenPages FCM allows IPG to automate the ongoing test and review of its controls documentation to reduce the time, cost and complexity associated with Sarbanes-Oxley Sections 404 and 302. http://www.compliancehome.com/news/SOX/13370.html Wed, 20 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13359.html Guardium, the database security company, is aggressively expanding its international presence to meet increasing demand for safeguarding enterprise data and automating compliance controls. The company has formed new strategic partnerships with 29 international resellers and system integrators in the past 18 months, and expanded its global team to include five new regional directors responsible for managing and supporting Guardiums growing indirect channel. This expansion enables Guardium to align its worldwide sales organization and partners to strengthen the companys market leadership and ability to penetrate emerging markets. http://www.compliancehome.com/news/SOX/13359.html Tue, 19 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13354.html Even CEOs can't read statements compliant with the law.The goal of the 2002 Sarbanes-Oxley Act was to make corporate accounting more transparent. In practice, a new Cato Institute study finds, the law's requirements have had the opposite effect. Sarbanes-Oxley sought to achieve its aims by having the Financial Accounting Standards Board (FASB) mandate that corporations use Generally Accepted Accounting Principles (GAAP) in reporting their balance sheets to shareholders. In the Cato Institute Briefing Paper FASB: Making Financial Statements Mysterious, T.J. Rodgers explains why the GAAP rules complicate financial statements to the point where even CEOs have trouble reading them. Rodgers, a founder, president, CEO and director of Cypress Semiconductor Corporation who sits on the board of several high-technology companies, uses his personal experience to illustrate how these rules obfuscate financial reports. http://www.compliancehome.com/news/SOX/13354.html Tue, 19 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13351.html Palisade Systems, provider of data loss prevention products, announced today the July 2008 results of their 5-Day Secure Assessment Program. The assessments, which are performed at no cost, analyze data loss and other security compliance vulnerabilities at U.S. corporations, including healthcare, education, financial services and government entities. Based on the recently announced violations and previous 5-Day Secure Assessments performed earlier in the year, Palisade Systems estimates that the company's PacketSure appliance will uncover a total of over 4,200,000 compliance violations in 2008. Palisade Systems' 5-Day Secure Assessments are designed to help organizations understand the frequency, method(s), and remediation options of data loss occurring on their networks. Following an in-depth five-day assessment period using Palisade's PacketSure appliance to collect information, a report is produced documenting the data leakage that occurred. Below are the registered data leaks (excl http://www.compliancehome.com/news/SOX/13351.html Tue, 19 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13347.html Tizor Systems, a leading provider of enterprise database monitoring and protection solutions,announced today that Network Products Guide, a Silicon Valley Communications publication and a world leading publication on technologies and solutions, has named Mantra a winner of the 2008 Best Products and Services Award for Best in Regulatory Compliance. http://www.compliancehome.com/news/SOX/13347.html Tue, 19 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13344.html Legiant, provider of workforce management software, announced results of their SAS 70 Type II audit. With the introduction of the Sarbanes-Oxley Act, the SAS 70 Type II audit was identified as the only acceptable method of assuring a third party that a service organization's controls are in place and working effectively. According to the independent service auditor's report, Legiant's hosted data center has the necessary controls in place and these controls are operating effectively. Legiant provides attendance tracking software that can be offered as SaaS, which reduces internal IT costs, increases the speed of implementation and ensures the correct controls are in place to protect critical data associated with time keeping. As a leading time and attendance system provider, we take data security and reliability very seriously, said Rod Crane, CTO of Legiant. Due to the nature of human resources, it is critical for any organization offering hosted time and attendance services to be SAS http://www.compliancehome.com/news/SOX/13344.html Mon, 18 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13337.html Guidance Software gives enterprises world-class in-house eDiscovery processing capabilities including new connectors for leading archiving and content management solutions and a new work-flow driven interface in version 3.1 of its industry-leading EnCase(R) eDiscovery solution. These added competencies further expand the search, collection, preservation and processing capabilities of EnCase eDiscovery, enabling litigants to reduce risk and realize tremendous cost savings by eliminating outsourcing and bringing the eDiscovery process in-house. http://www.compliancehome.com/news/SOX/13337.html Sun, 17 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13331.html SECNAP Network Security Corporation today announced addition of the newest feature to its award-winning Email Security Gateway Powered by SpammerTrap. The Email Archiving enhancement enables clients to archive both incoming and outgoing mail, and is compatible with virtually all messaging systems including Microsoft Exchange, Lotus Notes and Novell GroupWise.Available with ENT- and GEM-model gateway appliances as well as Premier- level hosted service, Email Archiving provides user-convenient archiving with optional remote storage through add-on hot-swap storage or network-attached storage (NAS). Separate configurations are available for incoming and outgoing messages, with access to archiving functionality limited to client site administrators to preserve security. http://www.compliancehome.com/news/SOX/13331.html Thu, 14 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13325.html Shavlik Technologies' customers utilize single solution to simplify and automate the reports recommended steps of Assess, Prioritize, Remediate, Repeat. http://www.compliancehome.com/news/SOX/13325.html Wed, 13 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13317.html Protiviti, provider of internal audit and risk and advisory services, has been positioned by Gartner, Inc. in the Challengers quadrant in the Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms. The Protiviti Governance Portal provides organizations with a software solution that addresses multiple Governance, Risk, and Compliance (GRC) objectives through one unified technology platform. According to its report, Gartner defines Challengers as follows: Challengers have proven viability, demonstrated market performance and the ability to exceed customer expectations on technical functionality.Challengers need to focus on their product road maps, as well as their sales, marketing, geographic and vertical industry strategies to move into the Leaders quadrant. Gartner evaluated Protiviti on ability to execute, including product/service; overall viability; market responsiveness; and customer experience, and on completeness of vision, which includes market understanding, pr http://www.compliancehome.com/news/SOX/13317.html Tue, 12 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13308.html AlgoSec, provider of Firewall Operations and Security Risk Management solutions, today announced that leading analyst firm Frost & Sullivan called its FireFlow offering an instrumental network security lifecycle management solution. In a Network Security Technology Alert, Frost & Sullivan addressed the growing market demand for network security lifecycle management solutions to meet external and corporate compliance requirements in increasingly complex environments. According to the alert, in what is a growing challenge, businesses must ensure their IT processes and structure meet regulations such as Sarbanes-Oxley (SOX) and Payment Card Data Security Standards (PCI DSS). http://www.compliancehome.com/news/SOX/13308.html Tue, 12 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13302.html Crossbeam Systems, provider of next-generation security platforms for high-performance networks, today announced that it has certified Imperva's SecureSphere 6.0 to run on the X-Series Next Generation Security Platform through the iBeam ISV Certification Program. Deployed on the Crossbeam chassis, SecureSphere's market-leading application data security solution will help enterprises and carriers protect their Web applications and databases from attack, as well as enable companies to comply with a wide variety of regulatory initiatives. http://www.compliancehome.com/news/SOX/13302.html Tue, 12 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13299.html Three surveys, with more than 780 respondents, show the increasing importance of enterprise risk management (ERM) to chief financial officers, audit committee members and chief audit executives. Crowe Chizek and Company LLC released the surveys results, which included participants from a broad spectrum of public and private companies, with revenues ranging from $100 million to more than $10 billion. The surveys found that more than 65 percent of chief financial officers (CFOs) and 70 percent of audit committee members cited managing enterprise risk as the biggest challenge for their organizations over the next 12 months. According to those surveyed, ERM was considered an even bigger challenge than improving financial reporting and improving internal controls for CFOs. http://www.compliancehome.com/news/SOX/13299.html Mon, 11 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13296.html US DataVault, in its eighth year of providing online data protection to firms of all sizes across North America, today announced a breakthrough in pricing for redundant, secure online data storage, cutting its retail prices by as much as 75 percent. As a result, the company said more businesses will be able to economically store their data and e-mail offsite at US DataVault's multiple locations throughout the United States for rapid recovery in the event of a disaster, as well as to assure compliance with numerous government and industry regulations, such as HIPAA, Sarbanes-Oxley, FRCP and PCI-DSS. http://www.compliancehome.com/news/SOX/13296.html Fri, 08 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13281.html StoredIQ, whose innovative eDiscovery technology revolutionizes the way companies address electronic discovery and litigation readiness, announced today that Network Products Guide, a Silicon Valley Communications publication and a world leading publication on technologies and solutions has named the StoredIQ appliance a winner of the 2008 Best Products and Services Award. This respected annual award honors products and services that represent the rapidly changing needs and interests of the end-users of technology worldwide. As part of the tech-industrys leading global awards program, this years Best Products and Services were nominated from all over the world. http://www.compliancehome.com/news/SOX/13281.html Thu, 07 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13274.html NovAtel, a precise positioning technology manufacturer and Brilliant Telecommunications (Brilliant), a developer of next-generation synchronization and timing solutions, announced they have signed a technology partnership agreement to develop and deliver innovative timing, synchronization and positioning solutions. The companies will undertake cooperative development activities, combining their respective technologies to create new product platforms that target high precision applications. This unique combination will enable both companies to deliver a powerful set of new timing and synchronization solutions to customers worldwide. GPS and GNSS precise positioning technology is a key element to meet the growing demands placed on Network Time Protocol (NTP) and Precision Time Protocol (PTPv2) server technology, as the end-to-end transmission and synchronization of voice, data and video across packet-based networks becomes more sophisticated, said Jon Ladd, NovAtel's Chief Executive Offi http://www.compliancehome.com/news/SOX/13274.html Wed, 06 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13263.html Patrick Townsend Security Solutions (PTSS), announced the launch of a new website ( www.patownsend.com). The site is designed to help both technical and non-technical professionals easily locate resources and solutions for all their encryption needs. In the late 90's, PTSS was primarily a System i solution, but over the years PTSS has built on its pioneering leadership to encompass all other enterprise platforms. In working with the largest retail companies in the world, PTSS understands the business imperatives of keeping critical data safe and the consequences of the smallest breach. PTSS also understands how important it is to design solutions to minimize the impact on day-to-day operations. http://www.compliancehome.com/news/SOX/13263.html Wed, 06 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13262.html Microsoft and BearingPoint, a management and technology consulting firms, today announced the BearingPoint Enterprise Governance, Risk and Compliance (EGRC) solution.With Microsoft, BearingPoint has created a risk-based compliance solution based on Microsoft technology that builds on the companies' long-standing alliance and helps organizations identify areas of risk, assess and remediate control deficiencies, and strengthen compliance without compromising profitability. Built on Microsoft Office SharePoint Server 2007, this technology solution includes the necessary software and management tools to help organizations effectively manage risk and compliance through the use of alerts and analytics. For example, an organization can set alerts so that if key risk indicators or compliance metrics are exceeded, email notifications are triggered and workflow steps are initiated, forcing employee actions to address the activity. These reactions are documented and audit trails maintained to ass http://www.compliancehome.com/news/SOX/13262.html Wed, 06 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13261.html Compliance 360, provider of on-demand software solutions for enterprise governance, risk management and compliance (eGRC) and the most widely used solution in the healthcare industry, announced that its healthcare provider customers are using the compliance software solution to proactively reduce the likelihood of audits conducted under the Medicare Recovery Audit Contractor (RAC) program. In June 2008, the Centers for Medicare and Medicaid Services (CMS) reported that Medicare has corrected more than $1 billion in improper payments through the Recovery Audit Contractor (RAC) program since 2005, with 85 percent of the corrected payments coming from hospitals. Thus far, the RAC program has been conducted as a limited pilot in several states, with plans to begin the nation wide rollout later this year. According to CMS figures from 2007, estimated improper Medicare payments exceed $10 billion annually. http://www.compliancehome.com/news/SOX/13261.html Tue, 05 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13253.html Document lifecycle management company Recall has opened a full-service, secure document and electronic media destruction facility in Lanham, Maryland to accommodate the U.S. Capitol region's sensitive information security needs. With this new facility, Recall can offer its customers collection and off-site destruction of sensitive documents and data storage media, as well as destruction of items with high intrinsic value, such as uniforms and defective merchandise. The site complements Recall's other Capitol area facilities in providing the full scope of document management services, including storage and archiving, document digitization, data protection, and disaster recovery and continuity for commercial, government, and other organizations. http://www.compliancehome.com/news/SOX/13253.html Mon, 04 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13251.html DigitalStakeout, an innovator and source of breakthrough Security Information and Event Management (SIEM) solutions, today released its summary of the results from its inaugural Cybersecurity Defense-in-Dimension Roundtable held in Washington, D.C.The Roundtable worked and identified four cornerstone issues as the basis for expanded future roundtable discussions. The four issues are: -- The immutable need for integration of Global threat intelligence in business/mission based security infrastructures -- The need to move to dynamic information-centric cybersecurity systems that support all source analysis and enable non-obvious threat attribution -- The priority to drive performance based strategies with value based mission and business metrics -- Create a Trusted SIEM reference architecture that breaks the contextual constraints of defense-in-depth and advances Defense-in-Dimension as the way forward. http://www.compliancehome.com/news/SOX/13251.html Mon, 04 Aug 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13248.html Secure Computing Introduces Secure Web Reporter for Complete, Real-Time Viewing of Web Activity, Security, Performance and Compliance http://www.compliancehome.com/news/SOX/13248.html Thu, 31 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13227.html The OWASP Foundation ( www.owasp.org) has posted their final speaker selection for their upcoming conference in New York City. The conference will take place September 22nd - 25th, downtown at Pace University, located at One Pace Plaza.This application security world conference will be the largest OWASP conference ever. The Keynote Speakers for this event will include Howard A. Schmidt, Former White House Cyber Security Advisor, Joe Jarzombek, the Director for Software Assurance in the Department of Homeland Security (DHS), and Jeff Williams, Chairman of the OWASP Foundation. Jeremiah Grossman, Robert RSnake Hansen, along with many other well known application security pioneers, will present new research, findings and solutions. This conference is limited to only 1,000 attendees, so reserve your spot immediately. http://www.compliancehome.com/news/SOX/13227.html Wed, 30 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13219.html PROPHIX Software, a leading provider of financial business intelligence solutions, today proudly unveils the latest version of their esteemed Corporate Performance Management solution, PROPHIX for SQL Server v4.1. PROPHIX for SQL Server v4.1 is their most powerful performance management solution to date with the addition of significant functionality to improve analysis, workflow processes and security. The most impressive enhancements found in PROPHIX for SQL Server v 4.1 are Advanced Data Visualization (ADV), Offline Data Entry and an Audit Log that aids with Sarbanes-Oxley Act compliance. Fully integrated with PROPHIX, ADV is a web-based Business Intelligence tool that gives a graphical overview of an organization's performance and its underlying data. ADV efficiently displays various KPIs and allows end users to analyze the details from many different perspectives using drillable, interactive dashboards. http://www.compliancehome.com/news/SOX/13219.html Wed, 30 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13218.html BizCom Web Services, provider of enterprise-class Internet hosting services, today introduced its new Hosted Email Archiving Library - an all-in-one solution for small- to medium-sized businesses that helps preserve vital business intelligence and ensures compliance with legal and industry requirements while reducing the costly burden of in-house management. Email has quickly become the main transport mechanism for all types of business documents and intellectual capital, said Mark Wiener, President of BizCom Web Services. As a result, many industries are now required to keep non-editable copies of most every email or attached document they receive or send. Our hosted Email Archiving Library is designed to help businesses and government agencies safeguard their important legal documents and comply with e-discovery and records retention policies, particularly those mandated by Sarbanes-Oxley, HIPAA, and Federal Rules for Civil Procedures. http://www.compliancehome.com/news/SOX/13218.html Wed, 30 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13217.html OB10, operator of the global e-Invoicing network, has successfully completed the SAS 70 Type II audit for controls operated across all geographical regions. The Statement on Auditing Standards (SAS) No. 70 is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants. The report, carried out by independent auditors from PwC, allows OB10 to disclose its control activities and processes to its customers and auditors. An SAS 70 audit or service auditor's examination demonstrates that a service organization has been through an independent assessment of the organizations control activities, which generally include controls over information technology and related processes. A Type II service auditors report includes the service auditor's opinion on the fairness of the presentation of the service organizations description of controls that had been placed in operation. Furthermore, it also includes the service auditor's opinion on whe http://www.compliancehome.com/news/SOX/13217.html Tue, 29 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13212.html Oversight Systems, Inc., the leading provider of automated transaction monitoring software, today released the results of the 2008 Oversight Systems Financial Executive Report on Sarbanes-Oxley. The survey of financial executives indicates that they are no longer seeing incremental benefits from SOX, and they are looking to reduce both compliance costs as well as the number of key controls. At the same time, they want a better way to fight fraud. http://www.compliancehome.com/news/SOX/13212.html Mon, 28 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13203.html BMC Software announced results of a Total Economic Impact study conducted by Forrester Consulting, including BMC customer testimonials that demonstrate the cost savings and return on investment realized by implementing BMC Atrium Configuration Management Database (CMDB). The recently completed study, titled The Total Economic Impact of the BMC Atrium CMDB Solution, was commissioned by BMC and surveyed 26 BMC customers. Forrester used the input from these customers to create a sample composite organization to describe the potential benefits of the BMC Atrium CMDB, and found a cost savings and benefits of over $1.2 million and a lower level of risk when compared with the pre-implementation environment. One customer cited savings of $3.6 million in recovered revenue due to improved change processes with the BMC Atrium CMDB. http://www.compliancehome.com/news/SOX/13203.html Mon, 28 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13199.html IT-Lifeline has teamed with the ashington Bankers Association (WBA) to plan a series of educational webinars in response to new federal guideWlines that recommend tighter restrictions on top executives of financial institutions for overseeing business-continuity planning procedures.The federal organization that oversees business continuity planning (BCP) by financial institutions issued revisions in March to the handbook that instructs financial institutions on IT examination issues. http://www.compliancehome.com/news/SOX/13199.html Mon, 28 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13198.html SCIPP International, a global non-profit organization dedicated to providing world-class security awareness training and certification services, has announced that it has received an endorsement of its security awareness course content and its proprietary body of knowledge known as SCIPP GAP (Generally Accepted Practices) as it pertains to disaster recovery, from the Business Continuity Institute-USA Chapter. SCIPP's proprietary Security Awareness training and certification program satisfies organizational compliance requirements for security awareness as defined in the Payment Card Industry (PCI-DSS), the Federal Information Security Management Management Act (FISMA), the Gramm-Leach Bliley Act (GLB), the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), the Federal Financial Institutions Examination Council (FFIEC) Guidelines, and other industry specific bodies that regulate reporting and best business practice requirements. http://www.compliancehome.com/news/SOX/13198.html Sun, 27 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13192.html Triumfant announced that Triumfant Compliance Manager(TM) has achieved NIST Security Content Automation Protocol (SCAP) validation in accordance with the OMB Federal Desktop Core Configuration (FDCC) security mandate for all Federal agencies. Triumfant Compliance Manager is the only stand-alone solution that actively maintains a perpetual state of compliance and audit-readiness on every PC, laptop and server, every day. Triumfant Compliance Manager dramatically reduces the time and costs necessary to achieve compliance with a variety of regulations-including Federal Information Security Management Act (FISMA), FDCC, Sarbanes-Oxley, Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and custom IT policies-while making the organization more secure in the process. Based on the uniquely powerful Triumfant IT Intelligence(TM) platform, Compliance Manager continuously verifies and enforces security policies on every PC, laptop, http://www.compliancehome.com/news/SOX/13192.html Fri, 25 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13190.html Research and Markets has announced the addition of the Leveraging SOX to Optimize Shareholder Value report to their offering. Since the Sarbanes-Oxley Act of 2002 was signed into law, SOX compliance for effective internal controls is both unavoidable and necessary. In addition to SOX requirements, U.S. corporations are obliged to adhere to all other relevant laws and regulations within their operating environments. Corporate leaders must comply--or else. Such a policy might sound unforgiving, but the primary objectives of compliance regulations are to serve and protect stakeholders--employees, investors, customers, suppliers, and the environment. http://www.compliancehome.com/news/SOX/13190.html Fri, 25 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13189.html Oversight Systems, provider of automated transaction monitoring software, released the results of the 2008 Oversight Systems Financial Executive Report on Sarbanes-Oxley. The survey of financial executives indicates that they are no longer seeing incremental benefits from SOX, and they are looking to reduce both compliance costs as well as the number of key controls. At the same time, they want a better way to fight fraud. Results of the survey show that confidence in SOX reducing financial fraud has fallen from 40 percent in 2005 to a new low of 29 percent. New data collected in this years survey further indicates that Audit Standard 5 (AS 5), issued last year by the Public Company Accounting Oversight Board (PCAOB), has created new challenges of its own in terms of risk management. Fifty-six percent of survey respondents cited identifying areas of greatest risk as a major challenge in complying with the new guidance. http://www.compliancehome.com/news/SOX/13189.html Fri, 25 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13185.html Triumfant, the industry leader in Automated Compliance Monitoring and Control software, announced that Triumfant Compliance Manager(TM) has achieved NIST Security Content Automation Protocol (SCAP) validation in accordance with the OMB Federal Desktop Core Configuration (FDCC) security mandate for all Federal agencies. Triumfant Compliance Manager is the only stand-alone solution that actively maintains a perpetual state of compliance and audit-readiness on every PC, laptop and server, every day. Triumfant Compliance Manager dramatically reduces the time and costs necessary to achieve compliance with a variety of regulations-including Federal Information Security Management Act (FISMA), FDCC, Sarbanes-Oxley, Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and custom IT policies-while making the organization more secure in the process. http://www.compliancehome.com/news/SOX/13185.html Thu, 24 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13183.html Triumfant, the industry leader in Automated Compliance Monitoring and Control software, today announced that Triumfant Compliance Manager has achieved NIST Security Content Automation Protocol (SCAP) validation in accordance with the OMB Federal Desktop Core Configuration (FDCC) security mandate for all Federal agencies. Triumfant Compliance Manager is the only stand-alone solution that actively maintains a perpetual state of compliance and audit-readiness on every PC, laptop and server, every day. Triumfant Compliance Manager dramatically reduces the time and costs necessary to achieve compliance with a variety of regulations-including Federal Information Security Management Act (FISMA), FDCC, Sarbanes-Oxley, Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and custom IT policies-while making the organization more secure in the process. Based on the uniquely powerful Triumfant IT Intelligence platform, Compliance Manag http://www.compliancehome.com/news/SOX/13183.html Thu, 24 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13178.html WorldExtendR, provider of remote data and application access software,has announced that its IronDoorR 3.5 remote network access software will make it simple for small to medium sized organizations to immediately implement a realistic telecommuting program for staff. This follows recent research from such respected institutions as the Telework Exchange and MSNBC confirming that telecommuting can significantly reduce both environmental pollution and fast-escalating travel costs associated with inflated gas prices. IronDoor 3.5's software-based secure remote network access enables small to medium sized organizations to set up a telecommuting or telework program by providing staff with secure, anytime/anywhere access to both applications and data (similar to Citrix). By ensuring that remote users can now securely access any resources they require, IronDoor 3.5 will facilitate staff in the reduction of rapidly-escalating costs associated with commuting - which recent MSNBC research estimat http://www.compliancehome.com/news/SOX/13178.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13171.html Guardium, the database security company, and BMC Software are hosting a Webcast to provide government agencies with effective strategies for safeguarding Personally Identifiable Information (PII) in sensitive databases and easily complying with OMB M-06-16. The OMB directive states that government departments and agencies must log all extracts from databases holding sensitive information and verify each extract including sensitive data has been erased within 90 days or its use is still required. Major government agencies, such as the Federal Trade Commission, have already improved database security and addressed compliance regulations by deploying Guardium's database activity monitoring (DAM) solution. Guardium 7 monitors and tracks all access to sensitive data, across all major DBMS platforms and applications, without impacting database performance or requiring changes to applications. http://www.compliancehome.com/news/SOX/13171.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13162.html Interoute, owner of Europe's most advanced voice and data network, announced that it has selected Configuresoft's Enterprise Configuration Manager (ECM) to support its internationally recognised ISO 27001 accredited security management system and ensure compliance with internal policy. Interoute operates a sophisticated portfolio of IT, Business Support Systems (BSS) and Network Management Systems (NMS) required to deliver and maintain next generation data solutions. Interoute selected ECM's server configuration management solution for its scalability, performance and ability to ensure the security and compliance critical to Interoute's customers. http://www.compliancehome.com/news/SOX/13162.html Sun, 20 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13159.html Archer Technologies (Archer), a provider of enterprise governance, risk and compliance solutions, today announced the release of its Data Feed Manager, which provides a new way for companies to perform rapid integrations between industry-leading products and the Archer SmartSuite Framework. Designed for use by technical business analysts, the Data Feed Manager allows Archer clients and partners to use the Archer Framework as a point of consolidation, bringing together data from any source for correlation, analysis, process management and reporting. A vital component of any governance, risk and compliance program is the ability to form an aggregate view of risks, vulnerabilities, metrics and operational data within the enterprise, says Jon Darbyshire, president and CEO of Archer Technologies. With the Data Feed Manager, Archer is putting power in the hands of technical business users to rapidly integrate enterprise data systems with the Archer SmartSuite Framework. This is a new market http://www.compliancehome.com/news/SOX/13159.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13155.html MAPEI Americas, a manufacturer of tile and stone installation systems, floor covering installation systems and concrete restoration products, has signed a multi-year agreement with 1Vault Networks (www.1vault.net), a South Florida provider for hosted IT services, colocation and disaster recovery services. MAPEI Americas, a part of MAPEI Group worldwide, operates 14 plants from Canada to Argentina and is headquartered in Deerfield Beach, Florida. The Americas subsidiaries have chosen the 66,000-square-foot, Category 5 hurricane-rated 1Vault Networks location for disaster recovery, colocation backup and customized headquarters connectivity with ATT Metro E circuit and 100 MB wireless connections, internet access and five other cross connects. http://www.compliancehome.com/news/SOX/13155.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13153.html As world markets brace for the possible collapse of dozens of American banks during the next year, global financial leaders meeting at the World Council of Credit Unions (WOCCU) conference in Hong Kong discussed ways that, by better emulating transparent practices and accountability of credit unions to the members they serve, banks may be better able to head off collapse. Regional banks including Washington Mutual Inc. and National City Corp. are at risk of failure, the New York Times reported July 14, 2008. Paul Sarbanes, former U.S. senator and sponsor of the Sarbanes Oxley Act of 2002, told conference-goers that adopting greater transparency and accountability voluntarily, following the lead of credit unions, is better than increased regulation. He also encouraged regulators to use existing laws more effectively. http://www.compliancehome.com/news/SOX/13153.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13150.html Oversight Systems, the leading provider of automated continuous transaction monitoring solutions, today announced that it has formed a Solution Alliance with national CFO services firm SolomonEdwardsGroup, LLC (SEG). http://www.compliancehome.com/news/SOX/13150.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13146.html Clearswift has released a new version of its advanced content security tool, MIMEsweeper for SMTP, to strengthen organizations' Data Loss Prevention capabilities. MIMEsweeper for SMTP is a sophisticated e-mail security and management system designed to comprehensively address the complex security layers, policies, processes and procedures that larger distributed enterprises face. The solution provides the flexibility to tailor day-to-day management of e-mail infrastructures to specific organizational needs. It scans outbound e-mail messages to ensure that they match an organization's e-mail policy ensuring that any messages containing sensitive or inappropriate information blocked or routed according to the stated policy based upon enforcing multiple outcomes based upon sender, recipient or content. MIMEsweeper solutions have traditionally been used by companies wishing to control the content of outgoing e-mails. This new version sees the introduction of yet more features designed to h http://www.compliancehome.com/news/SOX/13146.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13145.html Network Frontiers, the leader in IT regulatory compliance management, announced the availability of the Q3 2008 Unified Compliance Framework (UCF), the first independent database to simplify IT compliance. The latest version of UCF highlights the addition of numerous new regulations and standards, including Fair and Accurate Credit Transactions Act (FACTA), Federal Financial Institutions Examination Council (FFIEC) and Fair Credit Reporting Act. UCF acts as the cornerstone of IT compliance, mapping hundreds of regulations, including PCI-DSS (Payment Card), Sarbanes-Oxley, HIPAA, CobiT, and NIST, into a master hierarchal framework. We are engaged with an accounting firm that owns several entities requiring them to be compliant with HIPAA, FFIEC, SOX and GLBA, said Christopher Hannan, owner of Optimal Technologies, LLC. In order to for us to provide their compliance auditing and consulting, we needed a cost effective and easy way to organize their compliance obligations. After evaluating http://www.compliancehome.com/news/SOX/13145.html