Austin, TX (PRWEB) September 27, 2007
Compliance Spectrum, a leading provider of governance, risk and compliance (GRC) solutions, today announced the availability of the next release of Spectra, a complete IT compliance lifecycle management solution that reduces the complexity and lowers the risk of non-compliance of regulatory mandates through best practice workflow automation. Spectra provides CSOs, CFOs, CCOs, CIOs -- and their teams -- a framework to continuously monitor, measure and report on compliance status.
Spectra provides an auditable, centralized repository that contains a comprehensive compliance content library and pre-populated policy templates based on ISO 17799 and COBiT. Additionally, Spectra automates policy/control creation, coordination, approval, distribution and communication. Integrated workflow, based on organizational responsibilities, ensures there is a mechanism to track and analyze compliance programs within an organization.
The new version of Spectra has a single regulatory framework view built specifically for PCI (Payment Card Industry) and NERC (North American Energy Reliability Corporation) regulatory mandates. Specific content includes NERC CIP (Critical Infrastructure Protection) and the entire PCI Standard. This release of Spectra also includes the COBiT 4.1 framework. COBiT 4.1 has long been an IT auditing standard and one of the most used frameworks in developing IT controls for organizations.
The new release includes the ability to automatically schedule the upload of evidence collected by 3rd party monitoring systems, allowing organizations to leverage existing security and other infrastructure data collection tools. Spectra's evidence monitoring capability aggregates evidence collection and links it to IT Controls to demonstrate compliance.
"The impact of compliance requirements on IT has been resource intensive and costly," says Vivian Tero, Senior Research Analyst at IDC. "Vendors, like Compliance Spectrum, who offer solutions that automate IT governance, risk & compliance (GRC) throughout the IT life cycle represent the next generation of specialized GRC solutions."
Spectra uniquely incorporates "implementation guidance language" that supports multiple regulatory mandates (SOX, HIPAA, PCI, NERC CIP, etc.), and provides traceability for objectives, controls and evidence.
Management dashboards provide an audit, issue tracking and reporting capability for internal and external audit activities, and immediately highlight -- on customizable dashboards -- issues arising from gaps in policy or evidence associated with policy implementation.
Spectra's software-as-a-service (SaaS) delivery model drives down cost and provides a mechanism for automatic content update that ensures compliance content up-to-date and accurate. Spectra's team of policy analysts, lead by subject matter experts and in partnership with the University of Fairfax and the SOX Institute provide routine updates to regulations, frameworks, and policies.
About Compliance Spectrum:
Compliance Spectrum offers commercial IT governance, risk and compliance software solutions that empower highly regulated and complex organizations to address the complete lifecycle of compliance. Compliance Spectrum's flagship product, Spectra, provides an automation framework that streamlines the compliance process, lowering the cost of compliance while reducing the business risk of non-compliance. Compliance Spectrum has won numerous industry awards for its first generation product, Command Center. The company is headquartered in Austin Texas with offices in Houston, San Diego, Fairfax Va., and London England. For more information, visit http://www.compliancespectrum.com.