More vendors rolling out Sarbanes-Oxley software
The new tools are focused on automating checks of financial controls by users
Computerworld - OpenPages Inc. this week will become the latest vendor to offer software that's designed to help companies meet the financial documentation and reporting requirements of the Sarbanes-Oxley Act of 2002.
And like many other products that have been announced recently, the Web-based software suite developed by Westford, Mass.-based OpenPages specifically addresses Section 404 of the law. That section requires publicly held companies to conduct annual evaluations of their financial reporting controls and procedures.
Vendors such as Oracle Corp. and Redmond, Wash.-based Concur Technologies Inc. have also detailed Section 404 compliance tool kits (see story).
In addition, Protiviti Inc., a Menlo Park, Calif.-based firm that offers internal auditing and business-risk consulting services, last week introduced a Web-based repository for organizing and documenting Section 404 compliance plans.
OpenPages said its Sarbanes-Oxley Express 404 software is based on J2EE technology and runs on top of application servers from Oracle and San Jose-based BEA Systems Inc. The software is priced between $25,000 and $65,000, depending on the number of end users.
Many Units, One Database
Volt Information Sciences Inc., a New York-based provider of temporary staffing and IT services that has annual revenue of more than $2 billion, plans to finish installing the OpenPages software on a Windows 2000 server this week.
James J. Groberg, Volt's chief financial officer, said the company operates 12 business units, each of which has its own accounting and profit-and-loss (P&L) responsibilities. For financial reporting purposes, "you have to treat each one differently," he noted. But Volt is looking to develop a database that links the disparate accounting data under a single structured format.
After evaluating a handful of products, Volt in May settled on the one developed by OpenPages. Groberg said it helped that OpenPages was willing to make enhancements based on Volt's suggestions, including the creation of a master content chart of balance-sheet and P&L accounts.
But even though Sarbanes-Oxley compliance tools are becoming available from more vendors, many CIOs and other executives are still having a hard time comprehending the act's requirements. Sarbanes-Oxley, which was signed into law last summer, includes more than 90 sections and 300 discrete points of law.
Seeking Clarity
The mandates of Sarbanes-Oxley "aren't very clear," said Louis Boyle, a Meta Group Inc. analyst based in Hilton Head, S.C. "CIOs have been asking us, 'What is it? What do we need to do? How do we prepare for it?'"
The U.S. Securities and Exchange Commission, the Public Company Accounting Oversight Board and other regulators haven't specified what kind of information they're looking for from companies, said Groberg. "You're almost working in the dark in terms of what you're going to have to provide," he said.
Protiviti said its SarbOx Portal software is designed to provide users with a process-based approach to documenting and evaluating their financial reporting controls.
The software is being offered only to Protiviti's consulting clients, and a company spokesman said pricing "is being kept confidential."
Read more about Gov't Legislation/Regulation in Computerworld's Gov't Legislation/Regulation Topic Center.



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Overcome Top 7 Admin Challenges of Active Directory
- As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
- Insiders Can Ruin Your Company. Take Action.
- Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
- Top Solutions and Tools to Prevent Devastating Malware
- Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
- Streamline Compliance and Increase ROI
- Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
- X-Ray of the PCI Process-4 Proactive Steps
- This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into... All Gov't Legislation/Regulation White Papers
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
- Virtualize Business-Critical Applications with Confidence
- Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere®... All Gov't Legislation/Regulation Webcasts