Above the Cloud By James Kobielus, Network World, 03/06/07
Compliance has been one of the dominant themes in the post-Enron age of corporate IT. Many software providers tout their offerings as solutions for complying with the Sarbanes-Oxley Act (SOX) and every other regulatory mandate, industry best-practices framework and corporate internal policy.
However, over the past year, a new IT product segment has emerged — governance, risk and compliance (GRC) management — that integrates compliance point solutions into comprehensive, service-oriented architecture (SOA)-enabled enterprise suites. Fueling this trend is the growing realization that companies cannot have one stovepipe GRC management infrastructure for each mandate, but must leverage a single infrastructure across all initiatives. Each new investment in compliance-enabling technologies must integrate through SOA into the company’s core GRC management platform.
[...]
Vendors such as BWise, CA, MEGA International and OpenPages have been active in the compliance arena for several years.
[...]