SOX Security:- High Tower

High Tower a vendor of security event management software has added functionality to its Security Event Manager (SEM) appliances.

New features include:-

* Expanded MetaRules engine with expanded template-based rules system.
* compliance-focused report generation with Sarbanes-Oxley and PCI pre-configured bundles
* Easier to view graphics.
* Improved back-up to networked storage.

For more SOX and security resources

SOX TOOLS: RazorSight

Razorsight has launched Automated Invoice Management, which it claims will show a return on investment in less than a year.

The suite is a "turn-key" solution offering automation, business workflow and analytics of direct costs.

Software-as-a-Service (SaaS) integrates with existing ERP or financial systems and automates the capture and analysis of all invoice data. Automated 4-way matching is also conducted.

For more Razorsight news.

Board Changes For Sarbanes-Oxley

The composition of America's boards has changed since the Sarbanes-Oxley Act. The finding is from a new survey of boards and their directors by Spencer Stuart.

In particular CEOs are taking on fewer directorships. Companies are having to expand their views on what they seek in a new director.

The average number of outside corporate directorships held by CEOs of S&P 500 companies has fallen to 0.8, from 1.2 in 2001 and 2.0 in 1998. Active CEOs now comprise only 29 percent of new independent directors in the S&P 500, down from 47 percent in 2001.

SOX & NONPROFITS

Two fifths of American charities or non-profits would have difficulty implementing the Sarbanes-Oxley according to a new survey.

The research from the Urban Institute, National Survey of Nonprofit Governance. 5115 nonprofits took part in the survey.

Only 20% had audit companies. Even amongst those with $40m plus expenses, the figure was 58%. The Sarbanes-Oxley Act requires publicly listed companies to have such a committee.

Of the nonprofits without an audit panel, 51 percent said it would be somewhat or very difficult to create one. Among the smallest nonprofits, 28 percent indicated it would be very difficult, compared with fewer than 10 percent with over $2 million in expenses.

IDENTITY TOOLS

Sun Microsystems has released Sun Java™ System Identity Manager 7.0 at Digital ID World. The main enhancement is the combination of the capability to prevent inappropriate user access whilst detecting violations in the company's user access policies.

The two technologies are user provisioning - creating, updating and deleting user access across applications and systems. The other is identity auditing - analyzing applications and systems for identity control violations, notifying compliance officers and addressing policy exceptions.

CFO PEOPLE

Catcher Holdings, vendor of the CATCHER(TM) device, a portable, ruggedized, wireless, handheld computer and communications control device, has appointed Debra Hoopes as its new Chief Financial Officer (CFO).

Charles Sander, CEO of Catcher Holdings said, "We are very pleased to have Debra coming on board as part of our operational consolidation in Virginia. Her experience as a CFO at Intersections, Compel, and CityNet will prove invaluable as Catcher completes is transition from a development to commercial entity. Because of Sarbanes-Oxley and the other existing market rules, we had to have someone who could hit the ground running and who had experience in investor relations as well as accounting and reporting. Debra meets and exceeds these requirements, and we are all looking forward to working with such a high-caliber financial professional."

Hoopes said, "I am very excited about joining Catcher at this important time in its development. The Company's management understands that the needs of an operating publicly-held company in its financial reporting are much more intricate and vital than those of a development stage concern. They have built an amazingly robust and flexible command control device with the CATCHER(TM) unit, and the next challenge for me is to ensure that its marketplace success is reported accurately and in a timely fashion."

TEST AUTOMATION:Spirent and MRV

MRV Communications, a vendor of service aware networking products has signed a partnership deal with Spirent Communications. Media Cross Connect and LX 4000T console server from MRV is to be incorporated into the Spirent Test Automation Lab.

Spirent is currently trying to reduce its lab configuration time, testing time, whilst at the same time offering automation proof-of-concept capabilities.

SECURITY TOOLS: Security Vendor News

CipherPass Corporation announced a partnership agreement today with Contego Information Security Services to provide C~suite as a managed service. Contego's launch of C~suite builds on their ability to provide strategic security solutions by enabling secure email, file and folder encryption, digital document signing, authenticated web access, and two-factor authentication for remote VPN and wireless users.

"Based on demand from large enterprises for security solutions that apply to their business needs, we are pleased to offer C~suite to both our current and prospective customers. C~suite provides an industry standard, trusted digital certificate solution that is easy to use and deploy. The secure email and file/folder encryption as part of C~suite exceeds the global security compliance demands of our customers," states Tony Fairclough, President of Contego Information Security Services.

RECORDS COMPLIANCE: Best practices

Records Compliance software vendor Open Text has recommended 11 best practices for companies to follow to help compliance from the start.

The software Open Text supplies are in the Enterprise Content Management segment.

Practices inlcude:-
* Focus on business processes.
* Present the bigger ROI picture
* Consider a full assessment
* Use what is already created
* Align records management with your corporate ECM strategy
* Tap existing IT systems
* Create a communication plan
* Demonstrate benefits to users
* Build in measures for success
* Share best practices

For more records management info

TAX SOFTWARE - Movers and Shakers

Ryan & Company has acquired Certisoft Solutions. The deal expeands Ryan's offerings of tax technology.

"The CertiSoft Solutions acquisition provides Ryan & Company with the opportunity to expand and optimize its full-service tax technology solutions by adding top-rated tax certificate management capability," said G. Brint Ryan, Managing Principal of Ryan & Company. "Our clients are often responsible for managing thousands of such certificates covering millions of transactions. CertiSoft Solutions' product suite provides the ability to effectively manage this function and avoid the potential tax liability associated with missing, incomplete, and invalid certificates."

"We are thrilled to be part of Ryan & Company," said Janet Spann (of CertifSoft). "Ryan & Company's transaction tax consulting practice, the U.S. market leader, includes many clients that can benefit from our product suite. Our proprietary software provides clients with a unique and efficient system of managing tax certificates, while helping them comply with Sarbanes-Oxley requirements."

ENTERPRISE SECURITY: ArcSights Common Event Framework

Enterprise security management (ESM) vendor ArcSight has launched an open log management suite called the Common Event Format.

The CEF seeks to improve the interoperability of different security and network devices and applications. ArcSight claims that its experience across more than 30 different security and network technology categories. CEF enables technology companies and customers to use a common event log format so that data can be easily collected and aggregated for analysis by an enterprise security management system. For more enterprise news see the main site.

NFP: Start to feel Compliance Heat

The IRS is turning its attention on Not-For-Profit organisations in their pursuit of excessive executive compensations. The warning comes from Compensation Resources.


Citing the Sarbanes-Oxley Act, FASB requirements on stock options and SEC rules, the company claims are aimed at public companies, NFPs are also at risk.

For more on Not-for-profit organisation news